The helmet is a good lib that completes the express security, would not be better add per default in express?
3 thoughts on “It a good idea add the helmet lib how default in the express?”
Comments are closed.
Recent comments
- Anonymous on set ‘type: FloatType’ as default for EffectComposer
- Anonymous on Stop doing a release every week
- Anonymous on Angular Animation breaks nested ng-content + ngIf
- Anonymous on why sm_61 was dropped from the nightly build?
- Anonymous on Best practice unified identifier, two different platforms
[React Native] Facebook Video Downloader
[REACT NATIVE] IELTS FORCASTING APP
Security should be a concept handled at design / architecture stage of an App / Service and not a package being added to core – please don‘t even consider adding it to core.
Please keep express minimalistic and free of opinionated middleware. I especially don’t like how helmet was written. The core concepts in helmet are good, but most of it is setting the correct response headers. Trivial stuff to rewrite.
If OP wants to include certain middleware into their app then encourage them to write their own opinionated app framwework on top of express.
Definitely we don’t need a big, bloated with ‘middleware of someone choice’ Express. Keep it minimal.
And leave links to all good middlewares in “best practices’ (just like it is now). People will find it, learn it and use if them need it.