{"id":18242,"library":"connect-header","title":"connect-header","description":"General header middleware for Connect/Express that allows setting arbitrary HTTP response headers via middleware configuration. Version 0.0.5 is the last release; no recent activity (last updated ~10 years ago). Extremely lightweight (no dependencies). Simpler than helmet or custom middleware for basic header setting, but unmaintained and not compatible with modern Express (>=4.x) or Koa.","status":"abandoned","version":"0.0.5","language":"javascript","source_language":"en","source_url":"https://github.com/luics/connect-header","tags":["javascript","connect","express","header","general"],"install":[{"cmd":"npm install connect-header","lang":"bash","label":"npm"},{"cmd":"yarn add connect-header","lang":"bash","label":"yarn"},{"cmd":"pnpm add connect-header","lang":"bash","label":"pnpm"}],"dependencies":[],"imports":[{"note":"This package does not export ES modules; it uses CommonJS.","wrong":"import header from 'connect-header'","symbol":"connect-header","correct":"const header = require('connect-header')"},{"note":"The middleware is a function that takes an options object; calling it without options will throw.","wrong":"app.use(header) // calling without options","symbol":"configured middleware","correct":"app.use(header({ 'X-Custom': 'value' }))"},{"note":"Works with Express 3.x; may not be compatible with Express 4+ routing changes.","wrong":"app.use(header({ 'X-Frame-Options': 'DENY' })) // without requiring express properly","symbol":"Express usage","correct":"const express = require('express'); const header = require('connect-header'); const app = express(); app.use(header({ 'X-Frame-Options': 'DENY' }))"}],"quickstart":{"code":"const http = require('http');\nconst connect = require('connect');\nconst header = require('connect-header');\n\nconst app = connect();\napp.use(header({\n  'X-Frame-Options': 'DENY',\n  'X-Content-Type-Options': 'nosniff',\n  'X-XSS-Protection': '1; mode=block',\n  'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'\n}));\n\napp.use((req, res) => {\n  res.end('Hello World!');\n});\n\nhttp.createServer(app).listen(3000);\nconsole.log('Server running on port 3000');","lang":"javascript","description":"Shows how to set multiple HTTP security headers using connect-header middleware in a vanilla Connect app."},"warnings":[{"fix":"Always call header({ ... }) with an object.","message":"Must pass an options object; calling the middleware without arguments will throw an error.","severity":"gotcha","affected_versions":"all"},{"fix":"Consider using helmet or write your own middleware.","message":"Package is essentially unmaintained; no updates since 2013.","severity":"deprecated","affected_versions":"all"},{"fix":"Use with Express 3.x or migrate to helmet.","message":"Compatibility issues with Express 4.x due to changes in middleware signature.","severity":"gotcha","affected_versions":"all"},{"fix":"Use a custom middleware with conditions if needed.","message":"The middleware sets headers for every request; cannot conditionally set headers based on route or request properties.","severity":"gotcha","affected_versions":"all"}],"env_vars":null,"last_verified":"2026-04-25T00:00:00.000Z","next_check":"2026-07-24T00:00:00.000Z","problems":[{"fix":"Use app.use(header({ 'X-Custom': 'value' }))","cause":"Calling the middleware without app.use(header()) but directly header() without options.","error":"TypeError: Cannot read property 'setHeader' of undefined"},{"fix":"Use a framework-compatible middleware.","cause":"Using the middleware with a framework that does not have a 'set' method on the response object (e.g., Koa or modern Express).","error":"TypeError: Object #<Object> has no method 'set'"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}