diff --git a/helmet/helmet-tests.ts b/helmet/helmet-tests.ts
index 3d7298cbc3..0223244cc0 100644
--- a/helmet/helmet-tests.ts
+++ b/helmet/helmet-tests.ts
@@ -110,10 +110,39 @@ function noSniffTest() {
 */
 function publicKeyPinsTest() {
 app.use(helmet.publicKeyPins({
+ maxAge: 7776000000,
+ sha256s: ["AbCdEf123=", "ZyXwVu456="],
+ }));
+
+ app.use(helmet.publicKeyPins({
+ maxAge: 7776000000,
+ sha256s: ["AbCdEf123=", "ZyXwVu456="],
+ includeSubdomains: false
+ }));
+
+ app.use(helmet.publicKeyPins({
+ maxAge: 7776000000,
+ sha256s: ["AbCdEf123=", "ZyXwVu456="],
+ includeSubdomains: true
+ }));
+
+ app.use(helmet.publicKeyPins({
+ maxAge: 7776000000,
 sha256s: ["AbCdEf123=", "ZyXwVu456="],
- includeSubdomains: true,
 reportUri: "http://example.com"
 }));
+
+ app.use(helmet.publicKeyPins({
+ maxAge: 7776000000,
+ sha256s: ["AbCdEf123=", "ZyXwVu456="],
+ reportOnly: true
+ }));
+
+ app.use(helmet.publicKeyPins({
+ maxAge: 7776000000,
+ sha256s: ["AbCdEf123=", "ZyXwVu456="],
+ setIf: function (req, res) { return true; }
+ }));
 }
 
 /**
diff --git a/helmet/helmet.d.ts b/helmet/helmet.d.ts
index fa9c859e85..f32ba0a2d9 100644
--- a/helmet/helmet.d.ts
+++ b/helmet/helmet.d.ts
@@ -40,6 +40,19 @@ declare module "helmet" {
 directives? : IHelmetCspDirectives
 }
 
+ interface IHelmetPublicKeyPinsSetIfFunction {
+ (req: express.Request, res: express.Response): boolean;
+ }
+
+ interface IHelmetPublicKeyPinsConfiguration {
+ maxAge : number;
+ sha256s : string[];
+ includeSubdomains? : boolean;
+ reportUri? : string;
+ reportOnly? : boolean;
+ setIf?: IHelmetPublicKeyPinsSetIfFunction
+ }
+
 interface IHelmetXssFilterConfiguration {
 setOnOldIE? : boolean;
 }
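Review bot: None of the new cases in publicKeyPinsTest combine `reportOnly: true` with `reportUri`, which is the pairing most worth type-checking: a report-only pin header with no report endpoint does nothing useful, and the one pre-existing case that mixed options (`includeSubdomains` with `reportUri`) was split apart by this change. Consider adding `app.use(helmet.publicKeyPins({ maxAge: 7776000000, sha256s: ["AbCdEf123=", "ZyXwVu456="], reportOnly: true, reportUri: "http://example.com" }));` alongside the others. The `req`/`res` parameters of the `setIf` sample are unused; for a type test that is minor, but `function () { return true; }` would read more honestly.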
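Review bot: `maxAge : number` in the new IHelmetPublicKeyPinsConfiguration carries no unit, and `sha256s : string[]` cannot express that a usable pin set needs at least two entries (a live pin plus a backup), so the type accepts configurations that helmet is likely to reject and that browsers will not honour. The test file passes `7776000000`, which is 90 days only if the unit is milliseconds; a doc comment such as `/** Lifetime of the pins; helmet appears to expect milliseconds — confirm against the helmet version in use */` on `maxAge` and `/** Base64 SHA-256 pins; supply at least two (current plus backup) */` on `sha256s` would record both constraints where callers will see them. As a point of style, `setIf?: IHelmetPublicKeyPinsSetIfFunction` has no trailing semicolon and uses `?:` where the rest of the file writes `? :`, as in `reportOnly? : boolean;` directly above it.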
@@ -107,7 +120,7 @@ declare module "helmet" {
 * @summary Adds the "Public-Key-Pins" header.
 * @return {RequestHandler} The Request handler.
 */
- publicKeyPins(options ?: Object):express.RequestHandler;
+ publicKeyPins(options ?: IHelmetPublicKeyPinsConfiguration):express.RequestHandler;
 
 /**
 * @summary Mitigate cross-site scripting attacks with the "X-XSS-Protection" header.
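Review bot: `options ?:` keeps the argument optional while the new IHelmetPublicKeyPinsConfiguration makes `maxAge` and `sha256s` required, so `helmet.publicKeyPins()` with no argument still type-checks even though there is no pin set to emit and helmet is likely to throw at startup. Since the purpose of this commit is to reject bad pin configurations at compile time, make the parameter mandatory: `publicKeyPins(options: IHelmetPublicKeyPinsConfiguration):express.RequestHandler;`. The JSDoc above it documents only the return value; adding `@param options Pin set and header options; see IHelmetPublicKeyPinsConfiguration.` would complete it.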