diff --git a/package-lock.json b/package-lock.json
index 4fe3f88..f19af4e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -35,6 +35,7 @@
 "class-transformer": "^0.5.1",
 "class-validator": "^0.14.0",
 "handlebars": "^4.7.9",
+ "helmet": "^8.2.0",
 "ioredis": "^5.10.1",
 "jsonwebtoken": "^9.0.3",
 "nodemailer": "^8.0.4",
@@ -8359,6 +8360,18 @@
 "node": ">= 0.4"
 }
 },
+ "node_modules/helmet": {
+ "version": "8.2.0",
+ "resolved": "https://registry.npmjs.org/helmet/-/helmet-8.2.0.tgz",
+ "integrity": "sha512-DRgTIUgnWcJ62KyarxxziuqYxKGnR6Rgg19BlbucN/dpmJbl1XOit6qvoOX0ZT+HhWe5OUVhU/a1zpGyc1xA0Q==",
+ "license": "MIT",
+ "engines": {
+ "node": ">=18.0.0"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/EvanHahn"
+ }
+ },
 "node_modules/hookified": {
 "version": "1.15.1",
 "resolved": "https://registry.npmjs.org/hookified/-/hookified-1.15.1.tgz",
diff --git a/package.json b/package.json
index 114528d..34da15a 100644
--- a/package.json
+++ b/package.json
@@ -51,6 +51,7 @@
 "class-transformer": "^0.5.1",
 "class-validator": "^0.14.0",
 "handlebars": "^4.7.9",
+ "helmet": "^8.2.0",
 "ioredis": "^5.10.1",
 "jsonwebtoken": "^9.0.3",
 "nodemailer": "^8.0.4",
diff --git a/src/dtos/create-cat.dto.ts b/src/dtos/create-cat.dto.ts
index a332fde..8847fa8 100644
--- a/src/dtos/create-cat.dto.ts
+++ b/src/dtos/create-cat.dto.ts
@@ -11,4 +11,4 @@ export class CreateCatDto {
 @IsNotEmpty()
 readonly age: number;
-}
\ No newline at end of file
+}
diff --git a/src/main.ts b/src/main.ts
index 6349fae..4ab2eea 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -1,10 +1,24 @@
-import { NestFactory, ValidationPipe } from '@nestjs/core';
+import { NestFactory } from '@nestjs/core';
+import { ValidationPipe } from '@nestjs/common';
 import { AppModule } from './app.module';
 import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
+import helmet from 'helmet';
 async function bootstrap() {
 const app = await NestFactory.create(AppModule);
 app.setGlobalPrefix('api/v1');
+ app.use(
+ helmet({
+ contentSecurityPolicy: {
+ directives: {
+ defaultSrc: ["'self'"],
+ styleSrc: ["'self'", "'unsafe-inline'"],
+ scriptSrc: ["'self'"],
+ imgSrc: ["'self'", 'data:', 'https:'],
+ },
+ },
+ }),
+ );
 app.useGlobalPipes(
 new ValidationPipe({
 whitelist: true,
@@ -14,7 +28,6 @@ async function bootstrap() {
 );
 app.enableShutdownHooks();
- // Configure Swagger/OpenAPI
 const swaggerConfig = new DocumentBuilder()
 .setTitle('NexaFx API')
 .setDescription('NexaFx financial platform REST API')
@@ -30,4 +43,4 @@ async function bootstrap() {
 await app.listen(process.env.PORT ?? 3000);
 }
-bootstrap();
+void bootstrap();
diff --git a/test/app.e2e-spec.ts b/test/app.e2e-spec.ts
index 471a109..6292c77 100644
--- a/test/app.e2e-spec.ts
+++ b/test/app.e2e-spec.ts
@@ -17,6 +17,8 @@ describe('AppController (e2e)', () => {
 process.env.JWT_SECRET = 'test-jwt-secret';
 process.env.REFRESH_TOKEN_SECRET = 'test-refresh-token-secret';
 process.env.OTP_SECRET = 'test-otp-secret';
+ process.env.WALLET_ENCRYPTION_KEY =
+ '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef';
 process.env.WALLET_ENCRYPTION_KEY = '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef';
 process.env.BLOCKCHAIN_RPC_URL = 'http://localhost:8545';
 process.env.PROVIDER_API_URL = 'https://api.example.com';
@@ -66,4 +68,4 @@ describe('AppController (e2e)', () => {
 .send({ name: 'Fluffy', breed: 'Persian', age: 3 })
 .expect(201);
 });
-});
\ No newline at end of file
+});
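Review bot: The two deliberate relaxations in the new CSP — `'unsafe-inline'` on `styleSrc` and the origin-wide `https:` on `imgSrc` — carry no explanation, so the next maintainer cannot tell whether they are load-bearing or safe to tighten; a comment above the `directives` block such as `// 'unsafe-inline' styles and https: images are needed by the Swagger UI this app serves; tighten if docs are disabled in production` would record the intent. Since `scriptSrc` is restricted to `'self'` and this file also mounts Swagger via `SwaggerModule`, it is worth confirming the docs page still renders under this policy, as some Swagger UI versions rely on inline script. Note also that with `useDefaults` left at its default, helmet merges these directives with its built-in defaults (including `upgrade-insecure-requests`), which is fine for the deployed service but can surprise plain-HTTP local runs. The `bootstrap` function continues outside this hunk.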
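Review bot: The added two-line assignment `process.env.WALLET_ENCRYPTION_KEY = '0123…abcdef';` duplicates the existing single-line assignment of the same variable to the same value that follows it as a context line, so the new code sets the key twice; keep one of the two (presumably the wrapped form, if the intent was a line-length fix) and delete the other. The enclosing `beforeAll`/setup callback starts outside this hunk.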