Skip to content

Commit

Permalink
Fix: enable secure header middleware by default (#1601)
Browse files Browse the repository at this point in the history
Co-authored-by: Aaron Moat <[email protected]>
  • Loading branch information
tadhglewis and AaronMoat authored Sep 2, 2024
1 parent bb8e4de commit 72e448d
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 5 deletions.
5 changes: 5 additions & 0 deletions .changeset/heavy-scissors-divide.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'skuba': patch
---

template/koa-rest-api: Enable secure headers middleware by default
8 changes: 3 additions & 5 deletions template/koa-rest-api/src/framework/server.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import {
ErrorMiddleware,
MetricsMiddleware,
RequestLogging,
// SecureHeaders,
SecureHeaders,
VersionMiddleware,
} from 'seek-koala';

Expand Down Expand Up @@ -39,10 +39,8 @@ export const createApp = <State, Context>(
...middleware: Array<Koa.Middleware<State, Context>>
) =>
new Koa()
// TODO: consider using a middleware that adds secure HTTP headers.
// https://github.com/seek-oss/koala/tree/master/src/secureHeaders
// https://github.com/venables/koa-helmet
// .use(SecureHeaders.middleware)
// Read: https://github.com/seek-oss/koala/tree/master/src/secureHeaders
.use(SecureHeaders.middleware)
.use(contextMiddleware)
.use(requestLogging)
.use(metrics)
Expand Down

0 comments on commit 72e448d

Please sign in to comment.