Security misconfiguration detected (Helmet missing).
- Rule ID: javascript_express_helmet_missing
- Languages: javascript
- Source: helmet_missing.yml
Description
Helmet can help protect your app from some well-known web vulnerabilities by setting HTTP headers appropriately.
Remediations
✅ Use Helmet middleware
const helmet = require("helmet")
app.use(helmet())Resources
Associated CWE
Configuration
To skip this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --skip-rule=javascript_express_helmet_missingTo run only this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --only-rule=javascript_express_helmet_missingReady to take the next step? Learn more about Bearer Cloud.