Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
var helmet = require('helmet');
app.use(helmet.hidePoweredBy({setTo: 'DummyServer 1.0'})); //change value of X-Powered-By header to given value
app.use(helmet.noCache({noEtag: true})); //set Cache-Control header
app.use(helmet.noSniff()); // set X-Content-Type-Options header
app.use(helmet.frameguard()); // set X-Frame-Options header
app.use(helmet.xssFilter()); // set X-XSS-Protection header
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment