-
Notifications
You must be signed in to change notification settings - Fork 0
Production Build
Thomas Schaffter edited this page Apr 5, 2019
·
3 revisions
In tsconfig.json, set
"noUnusedLocals": true,
"noUnusedParameters": true
In server/config/express.js, uncomment lusca code:
/**
* Lusca - express server security
* https://github.com/krakenjs/lusca
*/
if (env !== 'test' && env !== 'development') {
app.use(lusca({
csrf: {
header: 'x-xsrf-token',
},
xframe: 'SAMEORIGIN',
hsts: {
maxAge: 31536000, //1 year, in seconds
includeSubDomains: true,
preload: true
},
xssProtection: true
}));
}