From 0b81e7ebb58911dd2fd8e51286d0f91fa044563e Mon Sep 17 00:00:00 2001
From: gabito1451
Date: Wed, 22 Apr 2026 09:25:59 -0700
Subject: [PATCH 1/2] Security Headers

---
 src/main.ts | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/main.ts b/src/main.ts
index 028e8780..4b014843 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -13,6 +13,7 @@ import { LoggingInterceptor } from './common/interceptors/logging.interceptor';
 import { correlationMiddleware } from './common/utils/correlation.utils';
 import { sessionConfig } from './config/cache.config';
 import { SESSION_REDIS_CLIENT } from './session/session.constants';
+import helmet from 'helmet';
 
 async function bootstrapWorker() {
 const logger = new Logger('Bootstrap');
@@ -21,6 +22,17 @@ async function bootstrapWorker() {
 // Create the application with dynamic module loading
 const app = await NestFactory.create(await AppModule.forRoot(), { rawBody: true });
 
+ // ─── Security Headers ─────────────────────────────────────────────────────
+ app.use(
+ helmet({
+ hsts: {
+ maxAge: 31536000,
+ includeSubDomains: true,
+ preload: true,
+ },
+ }),
+ );
+
 const redisClient = app.get(SESSION_REDIS_CLIENT);
 
 if (sessionConfig.trustProxy) {
From 8b30158702d0168248561477ecf3f64ed886ebbe Mon Sep 17 00:00:00 2001
From: gabito1451
Date: Wed, 22 Apr 2026 09:26:31 -0700
Subject: [PATCH 2/2] fix

---
 package.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/package.json b/package.json
index a9567df7..96f1e39e 100644
--- a/package.json
+++ b/package.json
@@ -101,7 +101,8 @@
 "stripe": "^18.3.0",
 "swagger-ui-express": "^5.0.1",
 "typeorm": "^0.3.28",
- "uuid": "^11.1.0"
+ "uuid": "^11.1.0",
+ "helmet": "^8.0.0"
 },
 "devDependencies": {
 "@commitlint/cli": "^19.0.0",
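Review bot: `preload: true` next to `includeSubDomains: true` in the new `hsts` block is set unconditionally, so every deployment of this bootstrap that is reached over TLS advertises a one-year, preload-eligible policy for the host and all of its subdomains. Preload-list inclusion is slow to reverse, and any subdomain still served over plain HTTP stops being reachable for browsers that honour the policy. I would drive the flag from configuration, e.g. `preload: hstsPreloadEnabled,` (placeholder name, to be read from the project's config), with a comment such as `// preload is a long-lived commitment: enable only once every subdomain serves HTTPS`. Separately, calling `helmet()` without a `contentSecurityPolicy` option also enables its default CSP, which may interfere with Swagger UI if the `swagger-ui-express` dependency listed in package.json is mounted on this app; that mount is not visible here, so the docs route deserves a check after this change. The body of bootstrapWorker continues outside the hunk.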