From 6061d1e5b5bdd67ab958c7cedc2f3fe5712e3ea2 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Sat, 24 Jun 2017 23:39:18 +0200
Subject: feat: add some security with helmet

---
 src/app.js | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'src/app.js')

diff --git a/src/app.js b/src/app.js
index 46ebd2e..fa0d5c2 100644
--- a/src/app.js
+++ b/src/app.js
@@ -3,6 +3,8 @@
 const Koa = require('koa')
 const app = new Koa()
 
+const helmet = require('koa-helmet')
+
 const actions = require('./actions.js')
 
 const config = require('./modules/config.js')
@@ -26,6 +28,14 @@ for (let [term, items] of Posts.taxonomies) {
   )
 }
 
+app.use(
+  helmet({
+    hsts: {
+      setIf: ctx => ctx.secure
+    }
+  })
+)
+
 app.use(router.routes()).use(router.allowedMethods())
 
 app.use(actions.serveFiles)
-- 
cgit 1.4.1