I’m trying to use Helmet, but every time I add it to the code I get this error:
and jQuery and Bootstrap don’t work.
When I take Helmet out, the errors disappear.
Code:
// Importações
require('dotenv').config()
const express = require('express')
const app = express()
const server = require('http').createServer(app)
const handlebars = require('express-handlebars')
const mongoose = require('mongoose')
const morgan = require('morgan')
const cors = require('cors')
const session = require('express-session')
const flash = require('connect-flash')
const path = require('path')
const cookieParser = require('cookie-parser')
const handlebarsOriginal = require('handlebars')
const { allowInsecurePrototypeAccess } = require('@handlebars/allow-prototype-access')
const passport = require('passport')
const mongoStore = require('connect-mongo')
const helmet = require('helmet')
// Úteis
const io = require('./utils/socket').iniciar(server)
const veriCep = require('./utils/veriCep')
const data = require('./utils/data')
// Middlewares
const veriMiddleware = require('./middlewares/middlewares')
// Routes
const alunosRouter = require('./routes/alunos')
const turmasRouter = require('./routes/turmas')
// Models
const alunosModels = require('./models/aluno')
const turmasModels = require('./models/turma')
// Config
const urlMongo = require('./config/db').urlMongo
const port = require('./config/port')
require('./config/auth')(passport)
// General configuration

// Security headers.
// helmet() with no arguments turns on Helmet's default header set. In Helmet 4
// and later that set includes a Content-Security-Policy, and under the default
// policy the browser refuses scripts and styles that are inline or loaded from
// an origin the policy does not list (for example a CDN copy of jQuery or
// Bootstrap).
// NOTE(review): the error text is not shown on this page; presumably it is a
// CSP violation - confirm in the browser console. If it is, list only the exact
// origins the templates load from in the `directives` of the
// `contentSecurityPolicy` option, or serve the libraries from /public, instead
// of switching the policy off with `contentSecurityPolicy: false`, which gives
// up that XSS mitigation for the whole site.
const securityHeaders = helmet()
app.use(securityHeaders)

// Hide the framework banner. Helmet's defaults already remove X-Powered-By, so
// this setting is a second line of defence rather than the only one.
app.set('x-powered-by', false)

// Proxy: trust exactly one hop in front of the app for X-Forwarded-* headers.
// NOTE(review): only correct when the app really sits behind one reverse proxy;
// if clients can reach it directly they can forge those headers - confirm the
// deployment.
app.set('trust proxy', 1)
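// Session
// Stop at startup when the signing secret is missing instead of letting the
// session middleware fail once requests arrive.
const sessionSecret = process.env.SECRET_KEY_SESSION
if (!sessionSecret) {
    throw new Error('SECRET_KEY_SESSION is not set')
}

app.use(session({
    secret: sessionSecret,
    resave: false,
    // NOTE(review): `true` stores a session (and sets a cookie) for every
    // visitor, logged in or not; `false` is the usual choice for login
    // sessions. Left unchanged because other code may rely on it - confirm.
    saveUninitialized: true,
    name: 'sessionId',
    cookie: {
        // NOTE(review): maxAge is in milliseconds, so this is roughly ten
        // thousand years: a leaked session cookie stays usable indefinitely.
        // Pick a bounded lifetime that fits the application.
        maxAge: 315360000000000,
        // Keep the cookie out of reach of page scripts.
        httpOnly: true,
        // Do not attach the cookie to cross-site POSTs and subrequests.
        sameSite: 'lax',
        // Mark the cookie Secure whenever the request arrived over HTTPS
        // (as seen through the trusted proxy), while still working on plain
        // HTTP during development.
        secure: 'auto'
    },
    store: mongoStore.create({
        mongoUrl: urlMongo,
        mongoOptions: {
            useNewUrlParser: true,
            useUnifiedTopology: true
        },
        // NOTE(review): connect-mongo's ttl is in seconds, not milliseconds,
        // so reusing the maxAge number here mixes units. Keep it consistent
        // with whatever bounded cookie lifetime is chosen.
        ttl: 315360000000000
    })
}))

// Passport must come after the session middleware because it stores the login
// state in the session; connect-flash uses the session as well.
app.use(passport.initialize())
app.use(passport.session())
app.use(flash())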
// Middleware: copy the pending flash messages and the current user into
// res.locals so that every rendered view can read them.
// NOTE(review): `logado` hands the whole req.user value to the templates;
// presumably that is the stored user document - confirm it carries no field
// (such as a password hash) that a template could print by accident.
app.use((req, res, next) => {
    const chavesFlash = ['erro_msg', 'sucesso_msg', 'alert_msg', 'primario_msg', 'error', 'success']
    for (const chave of chavesFlash) {
        res.locals[chave] = req.flash(chave)
    }
    // `false` (not undefined) when nobody is logged in
    res.locals.logado = req.user ? req.user : false
    next()
})
// Body parsers: URL-encoded form bodies (extended syntax) and JSON bodies
app.use(express.urlencoded({extended: true}), express.json())

// Express Handlebars: 'main' is the default layout, and the value of DOMINIO is
// exposed to templates under the helper name `dominio`.
// NOTE(review): allowInsecurePrototypeAccess switches off the Handlebars
// protection that stops templates from reading prototype properties and
// methods. It is normally added so Mongoose documents render; passing plain
// objects to res.render (for example query results obtained with .lean())
// achieves the same without lifting the protection.
const opcoesHandlebars = {
    defaultLayout: 'main',
    handlebars: allowInsecurePrototypeAccess(handlebarsOriginal),
    helpers: {
        dominio: process.env.DOMINIO
    }
}
app.engine('handlebars', handlebars(opcoesHandlebars))
app.set('view engine', 'handlebars')

// Mongoose
// NOTE(review): nothing here handles a failed connection attempt - confirm
// that a startup failure is reported somewhere.
const opcoesMongoose = {useNewUrlParser: true, useUnifiedTopology: true, useFindAndModify: false}
mongoose.connect(urlMongo, opcoesMongoose)
// Public: files in ./public are served under the /public URL prefix
const pastaPublica = path.join(__dirname, '/public')
app.use('/public', express.static(pastaPublica))

// Morgan: request log in the 'dev' format. It is registered after the static
// handler, so requests answered from /public are not logged.
app.use(morgan('dev'))

// Cors
// NOTE(review): cors() with no options allows any origin to read the responses
// of the routes registered after it. If no other site needs to call this app,
// drop it or restrict it with the `origin` option.
app.use(cors())
// Route groups
app.use('/alunos', alunosRouter)
app.use('/turmas', turmasRouter)

// Standalone routes

// Home page. The two veriMiddleware functions run first; presumably they
// enforce a logged-in user - their code is not part of this file.
app.get('/', [veriMiddleware.login, veriMiddleware.voltar], (req, res) => res.render('index'))

// Login form; a user who is already authenticated is sent to the home page.
app.get('/login', (req, res) => {
    if (!req.isAuthenticated()) {
        return res.render('login')
    }
    res.redirect('/')
})
// Login submission, checked by Passport's 'local' strategy: success redirects
// to '/', failure back to '/login', and both outcomes set a flash message.
// NOTE(review): no CSRF token check or attempt limiting is registered for this
// route in this file - confirm whether one is applied elsewhere.
const autenticarLocal = passport.authenticate('local', {
    successRedirect: '/',
    successFlash: true,
    failureRedirect: '/login',
    failureFlash: true
})
app.post('/login-veri', autenticarLocal)
// Logout: ends the Passport login when there is one, then always returns to the
// login page.
// NOTE(review): because this is a GET route, any page the user visits can
// trigger it with a plain link or image request; a POST with a CSRF check
// avoids that. Also, calling req.logout() without a callback only works on
// Passport releases before 0.6 - confirm the installed version.
app.get('/logout', [veriMiddleware.login, veriMiddleware.voltar], (req, res) => {
    if (req.isAuthenticated()) {
        req.logout()
        req.flash('primario_msg', 'Logout feito com sucesso')
    }
    res.redirect('/login')
})

// 404: reached only when no route above answered the request
app.use((req, res) => res.status(404).render('404'))
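// Socket.io
// Every event argument below comes straight from the client, so its type is
// checked before it reaches a Mongoose filter or a string method. Without the
// check, an object sent in place of a name is read by MongoDB as query
// operators, and a non-string search term throws inside an async handler.
// NOTE(review): no authentication check is visible in this block; whether
// ./utils/socket restricts who may connect cannot be told from this file.
// Confirm it, because these events reveal which student and class names exist
// and return student ids.
io.on('connection', socket => {
    // Registers an async handler whose failures are logged instead of turning
    // into unhandled promise rejections. On failure nothing is emitted, which
    // is what the client saw before as well.
    const aoReceber = (evento, tratar) => {
        socket.on(evento, async (...args) => {
            try {
                await tratar(...args)
            } catch (err) {
                console.error(`Socket event ${evento} failed:`, err)
            }
        })
    }

    // True when `modelo` holds a document whose `nome` equals the given string.
    // Anything that is not a string, and any query error, counts as "not found".
    const existeNome = async (modelo, nome) => {
        if (typeof nome !== 'string') {
            return false
        }
        try {
            const achado = await modelo.findOne({nome: nome}).select('_id')
            return Boolean(achado)
        } catch (err) {
            console.error('Name lookup failed:', err)
            return false
        }
    }

    // True when the number of documents the client reports differs from the
    // number stored. Counting in the database replaces loading every document.
    const precisaRecarregar = async (modelo, quant) => {
        const total = await modelo.countDocuments({})
        if (typeof quant !== 'number' && typeof quant !== 'string') {
            return true
        }
        // Number() keeps the loose number/string comparison of the original
        return Number(quant) !== total
    }

    // Does a student with this exact name exist?
    aoReceber('alunoNameVeri', async nomeAluno => {
        socket.emit('alunoVeri', await existeNome(alunosModels, nomeAluno))
    })

    // Postal-code lookup.
    // NOTE(review): `cep` is passed to veriCep unchecked; what veriCep accepts
    // is not visible here - validate the format there or before this call.
    aoReceber('veri-cep-alunos-cadas', async cep => {
        const endereco = await veriCep(cep)
        socket.emit('veri-cep-alunos-cadas-res', endereco)
    })

    // Does a class with this exact name exist?
    aoReceber('turmaVeriCadas', async nomeSerie => {
        socket.emit('turmaVeriCadasRes', await existeNome(turmasModels, nomeSerie))
    })

    // Should the client reload its student list?
    aoReceber('veri-alunos-alunos', async quant => {
        socket.emit('veri-alunos-alunos-res', await precisaRecarregar(alunosModels, quant))
    })

    // Should the client reload its class list?
    aoReceber('veri-turmas-turmas', async quant => {
        socket.emit('veri-turmas-turmas-res', await precisaRecarregar(turmasModels, quant))
    })

    // Case-insensitive substring search over student names. Replies with the
    // matching ids plus the index of the last one, or `false` when none match.
    aoReceber('veri-alunos-alunos-pesquisa', async pesquisa => {
        if (typeof pesquisa !== 'string') {
            socket.emit('veri-alunos-alunos-pesquisa-res', false)
            return
        }
        const termo = pesquisa.toUpperCase().trim()
        // One query is enough: the documents fetched for the name comparison
        // already carry their _id. The original looped one index past the end
        // of the list and looked every match up again by name.
        const alunos = await alunosModels.find({}).select('nome')
        const alunosAchados = alunos
            .filter(aluno => typeof aluno.nome === 'string' && aluno.nome.toUpperCase().includes(termo))
            .map(aluno => aluno._id)

        if (alunosAchados.length === 0) {
            socket.emit('veri-alunos-alunos-pesquisa-res', false)
            return
        }
        // Kept from the original: flag the last id object.
        // NOTE(review): presumably this flag is lost when the id is serialised;
        // the `ultimo` index in the payload carries the same information.
        alunosAchados[alunosAchados.length - 1].ultimo = true
        socket.emit('veri-alunos-alunos-pesquisa-res', {
            alunos: alunosAchados,
            ultimo: alunosAchados.length - 1
        })
    })
})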
// Port: start the HTTP server (shared by Express and Socket.io) and log once
// it is accepting connections
const aoIniciar = () => console.log('Servidor Rodando')
server.listen(port, aoIniciar)

// Exports: other modules get the Socket.io server instance
module.exports = io
Complete code: https://github.com/Miguelpenha/Escola-Node-Js
Could someone tell me how to use Helmet without these errors, and with jquery and bootstrap working?
Does adjusting the `helmet` call to

app.use(
  helmet({
    contentSecurityPolicy: false,
  })
);

work? – Cmte Cardeal
Unfortunately, that doesn’t solve it...
– Miguel Penha