From 22e58844c93f7d8790bf334623c21ee8e22225ab Mon Sep 17 00:00:00 2001 From: Josh Harvey Date: Tue, 25 Oct 2016 19:25:31 +0300 Subject: [PATCH] add helmet --- lib/app.js | 8 +++++--- package.json | 1 + todo.txt | 2 +- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/lib/app.js b/lib/app.js index c25e116e..dc090a26 100644 --- a/lib/app.js +++ b/lib/app.js @@ -1,5 +1,3 @@ -'use strict' - var http = require('http') var https = require('https') var express = require('express') @@ -9,12 +7,17 @@ var plugins = require('./plugins') var logger = require('./logger') var configManager = require('./config-manager') +const helmet = require('helmet') + const pair = require('./pair') module.exports = function (options) { var app = express() var server + app.use(helmet()) + app.use(bodyParser.json()) + const psqlUrl = options.postgresql if (!psqlUrl) { console.log('Missing postgresql entry in configuration file') @@ -34,7 +37,6 @@ module.exports = function (options) { console.log('DEBUG9.3 ****************') - app.use(bodyParser.json()) console.log('DEBUG9 ****************') diff --git a/package.json b/package.json index cccf5cd6..397cd91b 100644 --- a/package.json +++ b/package.json @@ -15,6 +15,7 @@ "bunyan": "^1.8.1", "chalk": "^1.1.3", "express": "^4.13.4", + "helmet": "^2.3.0", "inquirer": "^1.0.0", "lamassu-bitcoinaverage": "~1.0.0", "lamassu-bitcoind": "lamassu/lamassu-bitcoind", diff --git a/todo.txt b/todo.txt index 0aeb3e1b..6be057cc 100644 --- a/todo.txt +++ b/todo.txt @@ -107,5 +107,5 @@ options: configure per machine; configure per crypto/fiat -------------------------------- -- need to create CA: http://stackoverflow.com/questions/19665863/how-do-i-use-a-self-signed-certificate-for-a-https-node-js-server +v need to create CA: http://stackoverflow.com/questions/19665863/how-do-i-use-a-self-signed-certificate-for-a-https-node-js-server