{"library":"frameguard","type":"library","category":null,"description":"Frameguard is an Express.js middleware designed to enhance web application security by setting the `X-Frame-Options` HTTP header. This header primarily helps mitigate clickjacking attacks by restricting whether a browser can render a page in an `<frame>`, `<iframe>`, `<embed>`, or `<object>` tag. The current stable version is 4.0.0, and its release cadence is generally tied to the broader Helmet.js project, of which it is a part, receiving updates alongside Helmet's release cycle. While the `X-Frame-Options` header is largely superseded by the more robust `frame-ancestors` Content Security Policy (CSP) directive in modern browsers, Frameguard remains valuable for providing a layer of protection against clickjacking in older browser environments that may not fully support CSP. It differentiates itself by offering a simple, focused implementation for the most common and secure directives: `DENY` (preventing any framing) and `SAMEORIGIN` (allowing framing only from the same origin).","language":"javascript","status":"active","version":"4.0.0","tags":["javascript","express","security","x-frame-options","clickjack","typescript"],"last_verified":"Wed May 27","install":[{"cmd":"npm install frameguard","imports":["import frameguard from 'frameguard';","const frameguard = require('frameguard');","import type { FrameguardOptions } from 'frameguard';"]},{"cmd":"yarn add frameguard","imports":[]},{"cmd":"pnpm add frameguard","imports":[]}],"homepage":"https://helmetjs.github.io","github":"https://github.com/helmetjs/helmet","docs":null,"changelog":null,"pypi":null,"npm":"https://www.npmjs.com/package/frameguard","openapi_spec":null,"status_page":null,"smithery":null,"compatibility":{"summary":{"python_range":"18–22","success_rate":0,"avg_install_s":null,"avg_import_s":null,"wheel_type":null},"url":"https://checklist.day/v1/registry/frameguard/compatibility"}}