[Fixed] does it matter where I place app.use(helmet… within the app.use statements?


I have a node.js application where I’m using multiple app.use statements. I want to include the app.use(helmet.frameguard({ action: 'deny' })); line to prevent clickjacking by preventing my site from appearing in iframes and I wanted to ask whether it matters where I place this line in the order of the app.use statements? Do I need to place it in a particular place amongst all the other app.use statements (e.g. app.use(cookie-parser());)


I mean it does, all middleware run line by line or you can say synchronously.

Just make sure to you should place it above route initialization (since if it goes to routes it might be possible that you are returning the function response from there only, so it wont go to next middleware, since response already sent). Can paste it above or below cookie-parser.

Leave a Reply

(*) Required, Your email will not be published