Can't set custom headers like X-Frame-Options

BadZombi · August 23, 2016, 9:21pm

I want to be able to set some security headers on pages served by the ember app.

alternately… is there any middleware like helmet ( helmet - npm ) I can just drop in?

I’ve googled everything I can think of and have tried all the solutions that were even remotely similar to my situation.

Helmet has been my solution for plain old express apps but I dont see how to use it with Ember. I’ve essentially inherited an Ember codebase as the original developers have been rotated onto other projects. Ember is quite new to me.

Thanks!

acorncom · August 24, 2016, 2:49am

Ember isn’t actually able to set headers, as it’s just JavaScript files that are served up by something else. You’ll want to set those headers with your web server of choice instead.

broerse · August 24, 2016, 4:51am

Not sure this is what you want but you can add headers like this:

https://github.com/martinic/ember-simple-auth-pouch/commit/0c1b63ed1bdaa0b4e92c21cb21483d75a9ca42a7

BadZombi · August 24, 2016, 8:16pm

Figured out that I could do what I wanted in our buildpack on heroku. I was mistakenly thinking that there was an underlying express server tied to the Ember app.

Thanks!

Topic		Replies	Views
Can I run ember new with some basic settings that I always use? Ember CLI	4	1103	February 7, 2015
Adding a custom banner/header to Ember CLI Blueprints Ember CLI	1	1055	May 2, 2015
Is there a Heroku buildpack for ember-cli app with custom (express.js) server? Ember CLI	2	1703	March 29, 2015
Ember-CLI express server for production Ember CLI	1	1330	December 7, 2014
Alternative loader.js for ember-cli	2	1734	September 25, 2014

Can't set custom headers like X-Frame-Options

Related Topics