Skip to content

domharrington/x-frame-options

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 1 tag
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.gitignore
 
 
.jshintignore
 
 
.jshintrc
 
 
.travis.yml
 
 
README.md
 
 
example.js
 
 
index.js
 
 
package.json
 
 
test.js
 
 
x-frame-options express middleware Example Usage var middleware = xFrameOptions(headerValue = 'Deny') Installation Credits License

README.md

x-frame-options express middleware

Express middleware to add an X-Frame-Options response header

build status

The X-Frame-Options header can be used to to indicate whether a browser is allowed to render a page within an <iframe> element or not. This is helpful to prevent clickjacking attacks by ensuring your content is not embedded within other sites. See more here: https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options.

Example

  var express = require('express')
  var app = express()
  var xFrameOptions = require('x-frame-options')

  app.use(xFrameOptions())

  app.get('/', function (req, res) {
    res.get('X-Frame-Options') // === 'Deny'
  })

  app.listen(3000)

Usage

  var xFrameOptions = require('x-frame-options')

var middleware = xFrameOptions(headerValue = 'Deny')

Returns an express middleware function. Allows you to specify the value of the header, defaults to 'Deny' for the strongest protection.

Installation

npm install x-frame-options --save

Credits

Dom Harrington

License

Licensed under the New BSD License

About

Express middleware to add an X-Frame-Options response header

Resources

Readme
Activity

Stars

11 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages