Merge pull request #2782 from khassel/helmet

2025-06-27 19:53:36 +00:00 · 2022-01-12 20:18:01 +01:00 · 2022-01-12 20:18:01 +01:00 · e8c6ef945a
commit e8c6ef945a
parent f7f0bc8681 14a22efae1
4 changed files with 11 additions and 10 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -18,6 +18,7 @@ _This release is scheduled to be released on 2022-04-01._
 ### Updated
 - deprecated roboto fonts package `roboto-fontface-bower` replaced with `fontsource`.
 - update `helmet` to v5.
 ### Fixed
--- a/js/server.js
+++ b/js/server.js
@ -67,7 +67,7 @@ function Server(config, callback) {
 			res.status(403).send("This device is not allowed to access your mirror. <br> Please check your config.js or config.js.sample to change this.");
 		});
 	});
-	app.use(helmet({ contentSecurityPolicy: false }));
+	app.use(helmet({ contentSecurityPolicy: false, crossOriginOpenerPolicy: false }));
 	app.use("/js", express.static(__dirname));
--- a/package-lock.json
+++ b/package-lock.json
@ -17,7 +17,7 @@
 				"express": "^4.17.2",
 				"express-ipfilter": "^1.2.0",
 				"feedme": "^2.0.2",
-				"helmet": "^4.6.0",
+				"helmet": "^5.0.1",
 				"iconv-lite": "^0.6.3",
 				"module-alias": "^2.2.2",
 				"moment": "^2.29.1",
@ -3932,11 +3932,11 @@
 			}
 		},
 		"node_modules/helmet": {
-			"version": "4.6.0",
+			"version": "5.0.1",
-			"resolved": "https://registry.npmjs.org/helmet/-/helmet-4.6.0.tgz",
+			"resolved": "https://registry.npmjs.org/helmet/-/helmet-5.0.1.tgz",
-			"integrity": "sha512-HVqALKZlR95ROkrnesdhbbZJFi/rIVSoNq6f3jA/9u6MIbTsPh3xZwihjeI5+DO/2sOV6HMHooXcEOuwskHpTg==",
+			"integrity": "sha512-iyYpGYH2nbQVaQtauYDnemWg45S2RyGvJ+iKj+V9jp7Dc1NTtAJHmD+hFOSYS7Xdwe1GeyVEYSydggXLOg6TKQ==",
 			"engines": {
-				"node": ">=10.0.0"
+				"node": ">=12.0.0"
 			}
 		},
 		"node_modules/hosted-git-info": {
@ -11664,9 +11664,9 @@
 			}
 		},
 		"helmet": {
-			"version": "4.6.0",
+			"version": "5.0.1",
-			"resolved": "https://registry.npmjs.org/helmet/-/helmet-4.6.0.tgz",
+			"resolved": "https://registry.npmjs.org/helmet/-/helmet-5.0.1.tgz",
-			"integrity": "sha512-HVqALKZlR95ROkrnesdhbbZJFi/rIVSoNq6f3jA/9u6MIbTsPh3xZwihjeI5+DO/2sOV6HMHooXcEOuwskHpTg=="
+			"integrity": "sha512-iyYpGYH2nbQVaQtauYDnemWg45S2RyGvJ+iKj+V9jp7Dc1NTtAJHmD+hFOSYS7Xdwe1GeyVEYSydggXLOg6TKQ=="
 		},
 		"hosted-git-info": {
 			"version": "4.1.0",
--- a/package.json
+++ b/package.json
@ -77,7 +77,7 @@
 		"express": "^4.17.2",
 		"express-ipfilter": "^1.2.0",
 		"feedme": "^2.0.2",
-		"helmet": "^4.6.0",
+		"helmet": "^5.0.1",
 		"iconv-lite": "^0.6.3",
 		"module-alias": "^2.2.2",
 		"moment": "^2.29.1",