From 28c5191b77a5c9fa855783a829aae4fb8703c265 Mon Sep 17 00:00:00 2001
From: "aikido-autofix[bot]"
 <119856028+aikido-autofix[bot]@users.noreply.github.com>
Date: Wed, 26 Mar 2025 14:10:28 +0000
Subject: [PATCH] fix(security): autofix Express is not emitting security
 headers

---
 server.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/server.js b/server.js
index d6bb500a2d..79cc81d070 100644
--- a/server.js
+++ b/server.js
@@ -1,6 +1,7 @@
 "use strict";
 
 const express = require("express");
+const helmet = require("helmet");
 const favicon = require("serve-favicon");
 const bodyParser = require("body-parser");
 const session = require("express-session");
@@ -13,6 +14,7 @@ const http = require("http");
 const marked = require("marked");
 //const nosniff = require('dont-sniff-mimetype');
 const app = express(); // Web framework to handle routing requests
+app.use(helmet());
 const routes = require("./app/routes");
 const { port, db, cookieSecret } = require("./config/config"); // Application config properties
 /*