npm install blockade

Blockade

![version](https://www.npmjs.com/package/blockade)
![Types](https://www.npmjs.com/package/blockade)
![License](https://www.npmjs.com/package/blockade)
![Style](https://github.com/prettier/prettier)

Blockade ⚓️ is a lightweight package that adds optional security headers and cookie attributes for Node.js web frameworks.

Security HTTP headers and cookie attributes help enhance the security of your web application by enabling built-in browser security mechanisms.

$3

AdonisJs, Express, Fastify, hapi, Koa, Meteor, Nest, Polka, restify, Sails, Total.js

Install

``console $ npm i blockade`

After installing Blockade:

`javascript const blockade = require("blockade");

const secureHeaders = new blockade.SecureHeaders(); const secureCookie = new blockade.SecureCookie();

`Secure Headers`


 
 ### Example

secureHeaders.framework(response);

Default HTTP response headers:`HTTP Strict-Transport-Security: max-age=63072000; includeSubdomains X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Referrer-Policy: no-referrer, strict-origin-when-cross-origin Cache-control: no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Expires: 0`

`Secure Cookie`

`$3`

`javascript secureCookie.framework(response, "foo", "bar");`

Default Set-Cookie HTTP response header:

`HTTP Set-Cookie: foo=bar; Path=/; secure; HttpOnly; SameSite=lax``

Documentation

Please see the full set of documentation at https://blockadejs.readthedocs.io

Resources

- OWASP - Secure Headers Project
- OWASP - Session Management Cheat Sheet
- Mozilla Web Security
- securityheaders.com