fastify-frame-guard

0.3.0 • Public • Published

fastify-frame-guard

Build Status Code coverage Code style Dependency Status Dev Dependency Status NPM version NPM downloads NPM license

Fastify plugin to set the X-Frame-Options header, mitigating things like clickjacking

Why?

You may know frameguard as a frameguard middleware used in helmet. And you could use it as a middleware in fastify also. So why i made this plugin?

You may find the reason in benchmark result and wish you like it. :)

Difference

This plugin has passed all frameguard test cases. And no difference in options.

Install

Via npm:

npm i fastify-frame-guard

Via yarn:

yarn add fastify-frame-guard

Usage

const fastify = require('fastify');
const fastifyFrameGuard = require('fastify-frame-guard');
 
const app = fastify();
app.register(fastifyFrameGuard, {
  // Your options
});
 
app.listen(3000, err => {
  if (err) throw err;
});

Options

This plugin has all options which the middleware in helmet gives and support a new option allowedDomains.

action {string}

Specify the action for this plugin which could be DENY, SAMEORIGIN or ALLOW-FROM. Default is SAMEORIGIN. Case insensitivity.

  • DENY: couldn't be framed
  • SAMEORIGIN: could only be framed from the same origin
  • ALLOW-FROM: could be framed from domain option
  • others: use default value

domain {string}

Specify the allowed domain for ALLOW-FROM action.

Changelog

  • 0.3.0
    • Drop allowedDomains option
    • Update test case
  • 0.2.0
    • Add test case
    • Add code coverage
    • Add benchmarks
  • 0.1.0:
    • Init version

Package Sidebar

Install

npm i fastify-frame-guard

Weekly Downloads

5

Version

0.3.0

License

MIT

Unpacked Size

6.51 kB

Total Files

4

Last publish

Collaborators

  • poppinl