DiscofyAPI/node_modules/helmet/dist/middlewares/x-permitted-cross-domain-po.../index.js

20 lines
809 B
JavaScript
Raw Permalink Normal View History

2021-03-25 17:23:36 +01:00
"use strict"
Object.defineProperty(exports, "__esModule", { value: true })
const ALLOWED_PERMITTED_POLICIES = new Set(["none", "master-only", "by-content-type", "all"])
function getHeaderValueFromOptions({ permittedPolicies = "none" }) {
if (ALLOWED_PERMITTED_POLICIES.has(permittedPolicies)) {
return permittedPolicies
} else {
throw new Error(`X-Permitted-Cross-Domain-Policies does not support ${JSON.stringify(permittedPolicies)}`)
}
}
function xPermittedCrossDomainPolicies(options = {}) {
const headerValue = getHeaderValueFromOptions(options)
return function xPermittedCrossDomainPoliciesMiddleware(_req, res, next) {
res.setHeader("X-Permitted-Cross-Domain-Policies", headerValue)
next()
}
}
module.exports = xPermittedCrossDomainPolicies
exports.default = xPermittedCrossDomainPolicies