Use and configure helmet
Out of the box express
doesn't follow security best practices with respect to HTTP headers. There is a module, helmet, which can be simply added (and configured if necessary) to reconfigure express
with safer defaults.
Out of the box express
doesn't follow security best practices with respect to HTTP headers. There is a module, helmet, which can be simply added (and configured if necessary) to reconfigure express
with safer defaults.