x-frame-options express middleware
Express middleware to add an X-Frame-Options response header
The X-Frame-Options header can be used to to indicate whether a browser is allowed to render a page within an <iframe>
element or not.
This is helpful to prevent clickjacking attacks by ensuring your content is not embedded within other sites.
See more here: https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options.
Example
var express =var app =var xFrameOptions =appappapp
Usage
var xFrameOptions =
var middleware = xFrameOptions(headerValue = 'Deny')
Returns an express middleware function. Allows you to specify the value of the header, defaults to 'Deny' for the strongest protection.
Installation
npm install x-frame-options --save
Credits
License
Licensed under the New BSD License