1.0.2 • Published 2 months ago

sveltekit-helmet v1.0.2

Weekly downloads
-
License
MIT
Repository
github
Last release
2 months ago

sveltekit-helmet

Version Downloads

sveltekit-helmet is a wrapper for helmet to work with SvelteKit. It provides important security headers to make your app more secure by default.

Installation

npm i sveltekit-helmet

# or:

yarn add sveltekit-helmet

Usage

Usage is the same as helmet, see the helmet documentation for more information.

Just add the following to your src/hooks.server.js:

import helmet from "sveltekit-helmet";

// Default
export const handle = helmet();

// With options
export const handle = helmet({
  contentSecurityPolicy: {
    directives: {
      "script-src": ["'self'", "example.com"],
    },
  },
});

// With other middleware
import { sequence } from "@sveltejs/kit/hooks";
export const handle = sequence(helmet(), fooMiddleware, barMiddleware);

Currently, only the full helmet middleware is supported, you can just disable unwanted rules in options instead of using the individual middleware.

Versioning

sveltekit-helmet currently only supports SvleteKit v2.

If you are using SvelteKit v1, you can open an issue and I will consider adding support for it.

securityheaderssveltekitcsphsts
helmet
1.0.2

2 months ago

1.0.1

2 months ago

1.0.0

2 months ago