Skip to content

Commit

Permalink
Merge pull request meanjs#332 from bmonty/bmonty/issue-318
Browse files Browse the repository at this point in the history 
move helmet and express.static before sessions for performance
  • Loading branch information
@lirantal
lirantal committed Jan 6, 2015
2 parents 9066907 + ca009b9 commit bde2412
Showing 1 changed file with 11 additions and 11 deletions.
22 changes: 11 additions & 11 deletions config/express.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,16 @@ module.exports = function(db) {
app.use(bodyParser.json());
app.use(methodOverride());

// Use helmet to secure Express headers
app.use(helmet.xframe());
app.use(helmet.xssFilter());
app.use(helmet.nosniff());
app.use(helmet.ienoopen());
app.disable('x-powered-by');

// Setting the app router and static folder
app.use(express.static(path.resolve('./public')));

// CookieParser should be above session
app.use(cookieParser());

Expand All @@ -108,16 +118,6 @@ module.exports = function(db) {
// connect flash for flash messages
app.use(flash());

// Use helmet to secure Express headers
app.use(helmet.xframe());
app.use(helmet.xssFilter());
app.use(helmet.nosniff());
app.use(helmet.ienoopen());
app.disable('x-powered-by');

// Setting the app router and static folder
app.use(express.static(path.resolve('./public')));

// Globbing routing files
config.getGlobbedFiles('./app/routes/**/*.js').forEach(function(routePath) {
require(path.resolve(routePath))(app);
Expand Down Expand Up @@ -162,4 +162,4 @@ module.exports = function(db) {

// Return Express server instance
return app;
};
};

0 comments on commit bde2412

Please sign in to comment.