1 | import middy from '@middy/core'
|
2 |
|
3 | interface Options {
|
4 | dnsPrefetchControl?: {
|
5 | allow?: boolean
|
6 | }
|
7 | frameOptions?: {
|
8 | action?: string
|
9 | }
|
10 | poweredBy?: {
|
11 | server: string
|
12 | }
|
13 | strictTransportSecurity?: {
|
14 | maxAge?: number
|
15 | includeSubDomains?: boolean
|
16 | preload?: boolean
|
17 | }
|
18 | downloadOptions?: {
|
19 | action?: string
|
20 | }
|
21 | contentTypeOptions?: {
|
22 | action?: string
|
23 | }
|
24 | originAgentCluster?: boolean
|
25 | referrerPolicy?: {
|
26 | policy?: string
|
27 | }
|
28 | xssProtection?: {
|
29 | reportUri?: string
|
30 | }
|
31 | contentSecurityPolicy?: Record<string, string>
|
32 | crossOriginEmbedderPolicy?: {
|
33 | policy?: string
|
34 | }
|
35 | crossOriginOpenerPolicy?: {
|
36 | policy?: string
|
37 | }
|
38 | crossOriginResourcePolicy?: {
|
39 | policy?: string
|
40 | }
|
41 | permissionsPolicy?: Record<string, string>
|
42 | permittedCrossDomainPolicies?: {
|
43 | policy?: string
|
44 | }
|
45 | reportTo?: {
|
46 | maxAge?: number
|
47 | default?: string
|
48 | includeSubdomains?: boolean
|
49 | csp?: string
|
50 | staple?: string
|
51 | xss?: string
|
52 | }
|
53 | }
|
54 |
|
55 | type WithFalseValues<T> = { [K in keyof T]: T[K] | false }
|
56 |
|
57 | declare function httpSecurityHeaders (
|
58 | options?: WithFalseValues<Options>
|
59 | ): middy.MiddlewareObj
|
60 |
|
61 | export default httpSecurityHeaders
|
62 |
|
\ | No newline at end of file |