{"version":3,"sources":["../src/http/security/headers.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,EAAC,kBAAkB,EAAC,MAAM,UAAU,CAAC;AAE5C;;;;GAIG;AACH,oBAAY,mBAAmB,GAAG,GAAG,CAAC,kBAAkB,CAAC,CAAC;AAE1D;;;;GAIG;AACH,eAAO,MAAM,mBAAmB,EAAE,mBAiBhC,CAAC","file":"headers.d.ts","sourcesContent":["/**\n *\tMIT License\n *\n *\tCopyright (c) 2019 - 2021 Toreda, Inc.\n *\n *\tPermission is hereby granted, free of charge, to any person obtaining a copy\n *\tof this software and associated documentation files (the \"Software\"), to deal\n *\tin the Software without restriction, including without limitation the rights\n *\tto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n *\tcopies of the Software, and to permit persons to whom the Software is\n *\tfurnished to do so, subject to the following conditions:\n\n * \tThe above copyright notice and this permission notice shall be included in all\n * \tcopies or substantial portions of the Software.\n *\n * \tTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n *\tIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n *\tFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * \tAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n *\tLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n *\tOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * \tSOFTWARE.\n *\n */\n\nimport {HttpSecurityHeader} from './header';\n\n/**\n * Type for used to check & validate HTTP Security header keys.\n *\n * @category HTTP\n */\nexport type HttpSecurityHeaders = Set<HttpSecurityHeader>;\n\n/**\n * Set used to check & validate HTTP Security header keys.\n *\n * @category HTTP\n */\nexport const httpSecurityHeaders: HttpSecurityHeaders = new Set<HttpSecurityHeader>([\n\t'Content-Security-Policy-Report-Only',\n\t'Content-Security-Policy',\n\t'Cross-Origin-Embedder-Policy',\n\t'Cross-Origin-Opener-Policy',\n\t'Cross-Origin-Resource-Policy',\n\t'Expect-CT',\n\t'Feature-Policy',\n\t'Origin-Isolation',\n\t'Strict-Transport-Security',\n\t'Upgrade-Insecure-Requests',\n\t'X-Content-Type-Options',\n\t'X-Download-Options',\n\t'X-Frame-Options',\n\t'X-Permitted-Cross-Domain-Policies',\n\t'X-Powered-By',\n\t'X-XSS-Protection'\n]);\n"]}