Skip to content

Express middleware to set the Expect-CT header

License

Notifications You must be signed in to change notification settings

helmetjs/expect-ct

Repository files navigation

Expect-CT middleware

The Expect-CT HTTP header tells browsers to expect Certificate Transparency. For more, see this blog post and the article on MDN.

Usage:

const expectCt = require("expect-ct");

// Sets Expect-CT: max-age=123
app.use(expectCt({ maxAge: 123 }));

// Sets Expect-CT: enforce, max-age=123
app.use(
  expectCt({
    enforce: true,
    maxAge: 123,
  })
);

// Sets Expect-CT: enforce, max-age=30, report-uri="https://example.com/report"
app.use(
  expectCt({
    enforce: true,
    maxAge: 30,
    reportUri: "https://example.com/report",
  })
);