From ce23b0f19dda0b49971ffab5389c5faae80e6cf7 Mon Sep 17 00:00:00 2001
From: Caroline
Date: Thu, 27 Apr 2017 00:04:19 -0700
Subject: [PATCH] Keep the bad guys out >:c (#36)
---
 lolisafe.js | 2 ++
 package.json | 1 +
 2 files changed, 3 insertions(+)
diff --git a/lolisafe.js b/lolisafe.js
index 57b7e5f..41807f0 100644
--- a/lolisafe.js
+++ b/lolisafe.js
@@ -1,6 +1,7 @@
 const config = require('./config.js')
 const api = require('./routes/api.js')
 const express = require('express')
+const helmet = require('helmet')
 const bodyParser = require('body-parser')
 const RateLimit = require('express-rate-limit')
 const db = require('knex')(config.database)
@@ -14,6 +15,7 @@ fs.existsSync('./' + config.logsFolder) || fs.mkdirSync('./' + config.logsFolder
 fs.existsSync('./' + config.uploads.folder) || fs.mkdirSync('./' + config.uploads.folder)
 fs.existsSync('./' + config.uploads.folder + '/thumbs') || fs.mkdirSync('./' + config.uploads.folder + '/thumbs')
+safe.use(helmet())
 safe.set('trust proxy', 1)
 let limiter = new RateLimit({ windowMs: 5000, max: 2 })
diff --git a/package.json b/package.json
index 73cb98d..ab0f147 100644
--- a/package.json
+++ b/package.json
@@ -21,6 +21,7 @@
 "express-rate-limit": "^2.6.0",
 "fluent-ffmpeg": "^2.1.0",
 "gm": "^1.23.0",
+ "helmet": "^3.5.0",
 "knex": "^0.12.6",
 "multer": "^1.2.1",
 "randomstring": "^1.1.5",
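Review bot: `safe.use(helmet())` in the second lolisafe.js hunk takes helmet's defaults, and in the 3.x line that package.json pins those defaults leave `contentSecurityPolicy` and `referrerPolicy` switched off. The commit therefore adds X-Content-Type-Options, X-Frame-Options, HSTS and the other default headers, but no content policy. The same hunk creates `config.uploads.folder`, so the app appears to host user-supplied files; if they are served from the same origin as the front end, the missing policy is the gap that matters most. The serving code is outside this hunk, so that needs confirming. I would enable a policy explicitly, e.g. `safe.use(helmet.contentSecurityPolicy({ directives: { defaultSrc: ["'self'"] } }))`, tuned to the scripts and styles the front end actually loads. At minimum, add a comment above the call: `// helmet 3.x defaults only: no CSP or Referrer-Policy; uploads rely on nosniff`.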