import { IgnoreMatcher } from '@midwayjs/core';
/**
 * Top-level configuration for the security component: one entry per
 * protection. Every entry is a `Partial<...>` of its option interface, so
 * any subset of that protection's fields may be supplied.
 */
export interface SecurityOptions {
/**
 * Whether to defend against CSRF attacks.
 * Enabled by default, using a cookie.
 */
csrf: Partial<SecurityCSRFOptions>;
/**
 * Content Security Policy configuration.
 * Not enabled by default.
 */
csp: Partial<SecurityCSPOptions>;
/**
 * Whether to send the X-Frame-Options response header.
 * Enabled by default with the value SAMEORIGIN.
 */
xframe: Partial<SecurityXFrameOptions>;
/**
 * Whether to send the Strict-Transport-Security response header.
 * Not enabled by default; maxAge defaults to one year.
 */
hsts: Partial<SecurityHSTSOptions>;
/**
 * Whether to enable the option governing IE's automatic opening of downloads.
 * Not enabled by default.
 * NOTE(review): presumably maps to the `X-Download-Options: noopen` response
 * header - confirm against the middleware.
 */
noopen: Partial<SecurityEnableOptions>;
/**
 * Whether to enable the option governing IE8's automatic MIME detection.
 * Not enabled by default.
 * NOTE(review): presumably maps to `X-Content-Type-Options: nosniff` - confirm
 * against the middleware. That header only helps when responses also carry a
 * correct Content-Type.
 */
nosniff: Partial<SecurityEnableOptions>;
/**
 * Whether to enable the IE8 XSS filter.
 * Enabled by default.
 * NOTE(review): presumably maps to the `X-XSS-Protection` header, which is no
 * longer honoured by current major browsers; treat it as legacy hardening and
 * rely on output encoding plus `csp` for XSS defence.
 */
xssProtection: Partial<SecurityXSSProtectionOptions>;
}
/**
 * Options for the CSRF protection. Inherits `enable`, `match` and `ignore`
 * from SecurityEnableOptions.
 */
export interface SecurityCSRFOptions extends SecurityEnableOptions {
/**
 * Which CSRF check mode is used; one of the SecurityCSRFType literals.
 * NOTE(review): the meaning of each literal is not defined in this file -
 * confirm against the CSRF middleware before relaxing the mode.
 */
type: SecurityCSRFType;
/**
 * If set to true, the secret will be stored in the session instead of the cookie.
 */
useSession: boolean;
/**
 * The cookie key under which the CSRF token is stored.
 * Accepts a single name or a list of names.
 */
cookieName: string | string[];
/**
 * The key name of the CSRF token stored in the session.
 */
sessionName: string;
/**
 * The name of the request header that carries the CSRF token.
 */
headerName: string;
/**
 * The name of the request body field that carries the CSRF token.
 */
bodyName: string;
/**
 * The name of the query-string parameter that carries the CSRF token.
 * NOTE(review): a token placed in the URL can be recorded in access logs,
 * browser history and Referer headers; prefer the header or body transport
 * where clients allow it.
 */
queryName: string;
/**
 * NOTE(review): undocumented in this file - presumably the referers accepted
 * by the referer check. Keep the list minimal and confirm how entries are
 * matched (exact host vs. suffix) in the middleware.
 */
refererWhiteList: string[];
/**
 * Callback that receives the request context and returns a string.
 * NOTE(review): presumably the Domain attribute of the CSRF cookie - confirm.
 * If so, returning a parent domain exposes the cookie to every subdomain, so
 * scope it as narrowly as the deployment allows.
 */
cookieDomain: (context: any) => string;
}
/**
 * Options for the X-Frame-Options protection. Inherits `enable`, `match` and
 * `ignore` from SecurityEnableOptions.
 */
export interface SecurityXFrameOptions extends SecurityEnableOptions {
/**
 * NOTE(review): presumably the literal header value (the X-Frame-Options
 * header defines DENY and SAMEORIGIN) - confirm. The type is a free-form
 * string, so a misspelt value is not caught at compile time.
 */
value: string;
}
/**
 * Options for the Strict-Transport-Security protection. Inherits `enable`,
 * `match` and `ignore` from SecurityEnableOptions.
 */
export interface SecurityHSTSOptions extends SecurityEnableOptions {
/**
 * NOTE(review): presumably the header's `max-age` directive, which is
 * expressed in seconds - confirm the unit against the middleware.
 */
maxAge: number;
/**
 * NOTE(review): presumably adds the `includeSubDomains` directive - confirm.
 * If so, every subdomain must be reachable over HTTPS before this is turned
 * on, because browsers will refuse plain HTTP for all of them.
 */
includeSubdomains: boolean;
}
/**
 * Options for the legacy browser XSS filter. Inherits `enable`, `match` and
 * `ignore` from SecurityEnableOptions.
 */
export interface SecurityXSSProtectionOptions extends SecurityEnableOptions {
/**
 * NOTE(review): presumably the literal `X-XSS-Protection` header value -
 * confirm. Current major browsers no longer honour this header, so it should
 * not be counted as an XSS control on its own.
 */
value: string;
}
/**
 * Options for the Content Security Policy protection. Inherits `enable`,
 * `match` and `ignore` from SecurityEnableOptions.
 */
export interface SecurityCSPOptions extends SecurityEnableOptions {
/**
 * Policy map: arbitrary string keys, each holding a string, a list of
 * strings or a boolean.
 * NOTE(review): presumably key = directive name and value = its sources,
 * with booleans for valueless directives - confirm. Keys are unchecked
 * strings, so a misspelt directive is not caught at compile time.
 */
policy: {
[otherPolicy: string]: string | string[] | boolean;
};
/**
 * NOTE(review): presumably switches to the
 * `Content-Security-Policy-Report-Only` header - confirm. That header
 * reports violations without blocking them, so it gives no protection while
 * it is on.
 */
reportOnly: boolean;
/**
 * NOTE(review): presumably also emits the legacy IE-specific CSP header -
 * confirm against the middleware.
 */
supportIE: boolean;
}
/**
 * Base options shared by every protection: an on/off switch plus optional
 * request matchers.
 */
export interface SecurityEnableOptions {
/** Turns the protection on or off. */
enable: boolean;
/**
 * Optional matcher, or list of matchers.
 * NOTE(review): presumably restricts the protection to matching requests -
 * confirm IgnoreMatcher semantics in @midwayjs/core.
 */
match?: IgnoreMatcher<any> | IgnoreMatcher<any> [];
/**
 * Optional matcher, or list of matchers.
 * NOTE(review): presumably exempts matching requests from the protection -
 * confirm. If so, an over-broad pattern silently removes the control from
 * those routes, so each entry deserves review.
 */
ignore?: IgnoreMatcher<any> | IgnoreMatcher<any> [];
}
/**
 * Allowed values for the CSRF `type` option.
 * NOTE(review): presumably 'ctoken' = token check only, 'referer' = referer
 * check only, 'all' = both must pass, 'any' = either may pass - confirm
 * against the CSRF middleware; this file does not define the semantics.
 */
export type SecurityCSRFType = 'all' | 'any' | 'ctoken' | 'referer';