How to secure Spartacus with helmet?

Hello experts! We are trying to add helmet to our front end to make it more secure. If I understand correctly, Spartacus runs on an Express server so it should be compatible with helmet. I have added helmet to the package.json file and yarn install runs without any warnings. To our server.ts file I have added the following lines:

const server = express();

const helmet = require("helmet");

server.use(helmet.frameguard({ action: "SAMEORIGIN" }));

Still when I view the application the helmet specific HTTP headers do not appear in the requests sent to the server. How can I secure the app using helmet?

SAP Managed Tags:
SAP Commerce,
SAP Commerce Cloud

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi,

As this issue is not relevant with SAP S/4HANA public cloud, I removed tag "SAP S/4HANA Cloud front end".

Best regards,

Marissa

Accepted Solutions (0)

Answers (0)

Ask a Question

Top Q&A Solution Author

User

Count