docs

Security

When building a full stack application, by default, following the Content Security Policy directives, you cannot use in-line javascript or display images from unregistered urls, so within app/config/security.ts you can change the directives you want to, for example, allow the creation and use of within the view. If you don’t change anything, the images and assets used in the views must be in some static assets folder.

Read more about the Content Security Policy in https://developer.mozilla.org/pt-BR/docs/Web/HTTP/Headers/Content-Security-Policy

Summary

• HefestosJS Docs

  • Prerequisites
  • Installation
  • Command Scripts
  • Env
  • Database
  • Routes
  • Controllers
  • Services
  • Validation
  • ApiResponse
  • Factories
  • Tests
  • Periodic Tasks and Jobs
  • Security
  • Performance
  • Static Assets
  • Middlewares
    • Register a Server Middleware
    • Boot Operations
    • Upload
  • Helpers and Hooks
    • AppError
    • File
    • renderHtml
    • useExclude
    • usePaginate
    • useCache
  • Logs
  • Generate files
  • Modules
    • Authentication
      • API Session Strategy
      • Full Stack Session Strategy
      • Token Strategy
    • Mailer
    • Layouts, views and partials
      • Forms
      • Template Engine
    • Upload
  • References
  • Author