nest学习：跨域，前缀路径，网站安全

 

 

yarn add helmet csurf

 

import { NestFactory } from '@nestjs/core';
import { Logger, ValidationPipe } from '@nestjs/common';

import * as helmet from 'helmet';
import * as csurf from 'csurf';

import { AppModule } from './app.module';

const PORT = process.env.PORT || 8000;

async function bootstrap() {
  const app = await NestFactory.create(AppModule);

  // 路径前缀：如：http://www.dmyxs.com/api/v1/user
  app.setGlobalPrefix('api/v1');

  //cors：跨域资源共享，方式一：允许跨站访问
  app.enableCors();
  // 方式二：const app = await NestFactory.create(AppModule, { cors: true });

  //防止跨站脚本攻击
  app.use(helmet());

  //CSRF保护：跨站点请求伪造
  app.use(csurf());
  
  await app.listen(PORT, () => {
    Logger.log(
      `服务已经启动,接口请访问:http://wwww.localhost:${PORT}${PREFIX}`,
    )
  });
}
bootstrap();