feat(security): add security hardening — Helmet, CORS, rate limiting, input sanitization

- Add Helmet with CSP, HSTS, referrer policy
- Configure CORS with environment-based origins
- Add global validation pipe with whitelist mode
- Add SanitizeInputMiddleware for XSS prevention
- Add ThrottlerBehindProxyGuard for rate limiting
- Add FileValidationPipe for upload security
- Set request body size limit to 1MB

Co-Authored-By: Paperclip <noreply@paperclip.ing>
Ho Ngoc Hai
2026-04-08 02:04:13 +07:00
parent 5e44456d11
commit f3081d92fc
6 changed files with 197 additions and 1 deletions

@@ -5,4 +5,8 @@ export { EventBusService } from './event-bus.service';
export { GlobalExceptionFilter } from './filters/global-exception.filter';
export { CorrelationIdMiddleware } from './middleware/correlation-id.middleware';
export { RequestLoggingMiddleware } from './middleware/request-logging.middleware';
export { SanitizeInputMiddleware } from './middleware/sanitize-input.middleware';
export { maskPii } from './pii-masker';
export { ThrottlerBehindProxyGuard } from './guards/throttler-behind-proxy.guard';
export { FileValidationPipe } from './pipes/file-validation.pipe';
export type { FileValidationOptions } from './pipes/file-validation.pipe';
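
Review bot: the `ThrottlerBehindProxyGuard` export near the end of this hunk is named for a proxied deployment, but nothing visible here says which forwarded header it keys on or which proxy trust setting it expects. If the guard reads a client-supplied `X-Forwarded-For` value while the app trusts no specific proxy chain, each request can pick its own rate-limit bucket, so please document the required proxy configuration on the guard itself. Exporting `SanitizeInputMiddleware` and `FileValidationPipe` from this barrel only makes them importable, so confirm the other changed files actually register them. As a style point, the `maskPii` export now sits between the middleware exports and the guard/pipe exports; grouping the barrel by kind would keep it easier to scan.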