mirror of
https://codeberg.org/tacerus/teddit.git
synced 2025-01-10 21:32:35 +01:00
40 lines
1.3 KiB
JavaScript
40 lines
1.3 KiB
JavaScript
|
"use strict";
|
||
|
|
Object.defineProperty(exports, "__esModule", { value: true });
|
||
|
|
const ALLOWED_TOKENS = new Set([
|
||
|
|
"no-referrer",
|
||
|
|
"no-referrer-when-downgrade",
|
||
|
|
"same-origin",
|
||
|
|
"origin",
|
||
|
|
"strict-origin",
|
||
|
|
"origin-when-cross-origin",
|
||
|
|
"strict-origin-when-cross-origin",
|
||
|
|
"unsafe-url",
|
||
|
|
"",
|
||
|
|
]);
|
||
|
|
function getHeaderValueFromOptions({ policy = ["no-referrer"], }) {
|
||
|
|
const tokens = typeof policy === "string" ? [policy] : policy;
|
||
|
|
if (tokens.length === 0) {
|
||
|
|
throw new Error("Referrer-Policy received no policy tokens");
|
||
|
|
}
|
||
|
|
const tokensSeen = new Set();
|
||
|
|
tokens.forEach((token) => {
|
||
|
|
if (!ALLOWED_TOKENS.has(token)) {
|
||
|
|
throw new Error(`Referrer-Policy received an unexpected policy token ${JSON.stringify(token)}`);
|
||
|
|
}
|
||
|
|
else if (tokensSeen.has(token)) {
|
||
|
|
throw new Error(`Referrer-Policy received a duplicate policy token ${JSON.stringify(token)}`);
|
||
|
|
}
|
||
|
|
tokensSeen.add(token);
|
||
|
|
});
|
||
|
|
return tokens.join(",");
|
||
|
|
}
|
||
|
|
function referrerPolicy(options = {}) {
|
||
|
|
const headerValue = getHeaderValueFromOptions(options);
|
||
|
|
return function referrerPolicyMiddleware(_req, res, next) {
|
||
|
|
res.setHeader("Referrer-Policy", headerValue);
|
||
|
|
next();
|
||
|
|
};
|
||
|
|
}
|
||
|
|
module.exports = referrerPolicy;
|
||
|
|
exports.default = referrerPolicy;
|