refactor: moved server content to /server

2017-04-28 17:58:38 -04:00
parent 86eb7a427d
commit d4b73be1e7
97 changed files with 7452 additions and 73 deletions
--- a/server/middlewares/security.js
+++ b/server/middlewares/security.js
@@ -0,0 +1,30 @@
+'use strict'
+
+/* global app */
+
+/**
+ * Security Middleware
+ *
+ * @param      {Express Request}   req     Express request object
+ * @param      {Express Response}  res     Express response object
+ * @param      {Function}          next    next callback function
+ * @return     {any}               void
+ */
+module.exports = function (req, res, next) {
+  // -> Disable X-Powered-By
+  app.disable('x-powered-by')
+
+  // -> Disable Frame Embedding
+  res.set('X-Frame-Options', 'deny')
+
+  // -> Re-enable XSS Fitler if disabled
+  res.set('X-XSS-Protection', '1; mode=block')
+
+  // -> Disable MIME-sniffing
+  res.set('X-Content-Type-Options', 'nosniff')
+
+  // -> Disable IE Compatibility Mode
+  res.set('X-UA-Compatible', 'IE=edge')
+
+  return next()
+}