Showing results for 
Search instead for 
Did you mean: 

How to secure Spartacus with helmet?

Hello experts! We are trying to add helmet to our front end to make it more secure. If I understand correctly, Spartacus runs on an Express server so it should be compatible with helmet. I have added helmet to the package.json file and yarn install runs without any warnings. To our server.ts file I have added the following lines:

const server = express();

const helmet = require("helmet");

server.use(helmet.frameguard({ action: "SAMEORIGIN" }));

Still when I view the application the helmet specific HTTP headers do not appear in the requests sent to the server. How can I secure the app using helmet?

0 Kudos


As this issue is not relevant with SAP S/4HANA public cloud, I removed tag "SAP S/4HANA Cloud front end".

Best regards,


Accepted Solutions (0)

Answers (0)