Move internal server to submodule

9 files changed, 0 insertions, 995 deletions

diff --git a/src/server/config/app.js b/src/server/config/app.js
deleted file mode 100644
index 7938b81df..000000000
--- a/src/server/config/app.js
+++ /dev/null
@@ -1,242 +0,0 @@
-
-/** @type {import('@adonisjs/framework/src/Env')} */
-const Env = use('Env');
-
-module.exports = {
-
-  /*
-  |--------------------------------------------------------------------------
-  | Application Name
-  |--------------------------------------------------------------------------
-  |
-  | This value is the name of your application and can used when you
-  | need to place the application's name in a email, view or
-  | other location.
-  |
-  */
-
-  name: Env.get('APP_NAME', 'Ferdi Internal Server'),
-
-  /*
-  |--------------------------------------------------------------------------
-  | App Key
-  |--------------------------------------------------------------------------
-  |
-  | App key is a randomly generated 16 or 32 characters long string required
-  | to encrypt cookies, sessions and other sensitive data.
-  |
-  */
-  appKey: Env.getOrFail('APP_KEY'),
-
-  http: {
-    /*
-    |--------------------------------------------------------------------------
-    | Allow Method Spoofing
-    |--------------------------------------------------------------------------
-    |
-    | Method spoofing allows to make requests by spoofing the http verb.
-    | Which means you can make a GET request but instruct the server to
-    | treat as a POST or PUT request. If you want this feature, set the
-    | below value to true.
-    |
-    */
-    allowMethodSpoofing: true,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Trust Proxy
-    |--------------------------------------------------------------------------
-    |
-    | Trust proxy defines whether X-Forwarded-* headers should be trusted or not.
-    | When your application is behind a proxy server like nginx, these values
-    | are set automatically and should be trusted. Apart from setting it
-    | to true or false Adonis supports handful or ways to allow proxy
-    | values. Read documentation for that.
-    |
-    */
-    trustProxy: false,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Subdomains
-    |--------------------------------------------------------------------------
-    |
-    | Offset to be used for returning subdomains for a given request.For
-    | majority of applications it will be 2, until you have nested
-    | sudomains.
-    | cheatsheet.adonisjs.com      - offset - 2
-    | virk.cheatsheet.adonisjs.com - offset - 3
-    |
-    */
-    subdomainOffset: 2,
-
-    /*
-    |--------------------------------------------------------------------------
-    | JSONP Callback
-    |--------------------------------------------------------------------------
-    |
-    | Default jsonp callback to be used when callback query string is missing
-    | in request url.
-    |
-    */
-    jsonpCallback: 'callback',
-
-
-    /*
-    |--------------------------------------------------------------------------
-    | Etag
-    |--------------------------------------------------------------------------
-    |
-    | Set etag on all HTTP response. In order to disable for selected routes,
-    | you can call the `response.send` with an options object as follows.
-    |
-    | response.send('Hello', { ignoreEtag: true })
-    |
-    */
-    etag: false,
-  },
-
-  views: {
-    /*
-    |--------------------------------------------------------------------------
-    | Cache Views
-    |--------------------------------------------------------------------------
-    |
-    | Define whether or not to cache the compiled view. Set it to true in
-    | production to optimize view loading time.
-    |
-    */
-    cache: Env.get('CACHE_VIEWS', true),
-  },
-
-  static: {
-    /*
-    |--------------------------------------------------------------------------
-    | Dot Files
-    |--------------------------------------------------------------------------
-    |
-    | Define how to treat dot files when trying to server static resources.
-    | By default it is set to ignore, which will pretend that dotfiles
-    | does not exists.
-    |
-    | Can be one of the following
-    | ignore, deny, allow
-    |
-    */
-    dotfiles: 'ignore',
-
-    /*
-    |--------------------------------------------------------------------------
-    | ETag
-    |--------------------------------------------------------------------------
-    |
-    | Enable or disable etag generation
-    |
-    */
-    etag: true,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Extensions
-    |--------------------------------------------------------------------------
-    |
-    | Set file extension fallbacks. When set, if a file is not found, the given
-    | extensions will be added to the file name and search for. The first
-    | that exists will be served. Example: ['html', 'htm'].
-    |
-    */
-    extensions: false,
-  },
-
-  locales: {
-    /*
-    |--------------------------------------------------------------------------
-    | Loader
-    |--------------------------------------------------------------------------
-    |
-    | The loader to be used for fetching and updating locales. Below is the
-    | list of available options.
-    |
-    | file, database
-    |
-    */
-    loader: 'file',
-
-    /*
-    |--------------------------------------------------------------------------
-    | Default Locale
-    |--------------------------------------------------------------------------
-    |
-    | Default locale to be used by Antl provider. You can always switch drivers
-    | in runtime or use the official Antl middleware to detect the driver
-    | based on HTTP headers/query string.
-    |
-    */
-    locale: 'en',
-  },
-
-  logger: {
-    /*
-    |--------------------------------------------------------------------------
-    | Transport
-    |--------------------------------------------------------------------------
-    |
-    | Transport to be used for logging messages. You can have multiple
-    | transports using same driver.
-    |
-    | Available drivers are: `file` and `console`.
-    |
-    */
-    transport: 'console',
-
-    /*
-    |--------------------------------------------------------------------------
-    | Console Transport
-    |--------------------------------------------------------------------------
-    |
-    | Using `console` driver for logging. This driver writes to `stdout`
-    | and `stderr`
-    |
-    */
-    console: {
-      driver: 'console',
-      name: 'adonis-app',
-      level: 'info',
-    },
-
-    /*
-    |--------------------------------------------------------------------------
-    | File Transport
-    |--------------------------------------------------------------------------
-    |
-    | File transport uses file driver and writes log messages for a given
-    | file inside `tmp` directory for your app.
-    |
-    | For a different directory, set an absolute path for the filename.
-    |
-    */
-    file: {
-      driver: 'file',
-      name: 'adonis-app',
-      filename: 'adonis.log',
-      level: 'info',
-    },
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | Generic Cookie Options
-  |--------------------------------------------------------------------------
-  |
-  | The following cookie options are generic settings used by AdonisJs to create
-  | cookies. However, some parts of the application like `sessions` can have
-  | separate settings for cookies inside `config/session.js`.
-  |
-  */
-  cookie: {
-    httpOnly: true,
-    sameSite: false,
-    path: '/',
-    maxAge: 7200,
-  },
-};
diff --git a/src/server/config/auth.js b/src/server/config/auth.js
deleted file mode 100644
index b831b06c6..000000000
--- a/src/server/config/auth.js
+++ /dev/null
@@ -1,93 +0,0 @@
-
-/** @type {import('@adonisjs/framework/src/Env')} */
-const Env = use('Env');
-
-module.exports = {
-  /*
-  |--------------------------------------------------------------------------
-  | Authenticator
-  |--------------------------------------------------------------------------
-  |
-  | Authentication is a combination of serializer and scheme with extra
-  | config to define on how to authenticate a user.
-  |
-  | Available Schemes - basic, session, jwt, api
-  | Available Serializers - lucid, database
-  |
-  */
-  authenticator: 'jwt',
-
-  /*
-  |--------------------------------------------------------------------------
-  | Session
-  |--------------------------------------------------------------------------
-  |
-  | Session authenticator makes use of sessions to authenticate a user.
-  | Session authentication is always persistent.
-  |
-  */
-  session: {
-    serializer: 'lucid',
-    model: 'App/Models/User',
-    scheme: 'session',
-    uid: 'email',
-    password: 'password',
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | Basic Auth
-  |--------------------------------------------------------------------------
-  |
-  | The basic auth authenticator uses basic auth header to authenticate a
-  | user.
-  |
-  | NOTE:
-  | This scheme is not persistent and users are supposed to pass
-  | login credentials on each request.
-  |
-  */
-  basic: {
-    serializer: 'lucid',
-    model: 'App/Models/User',
-    scheme: 'basic',
-    uid: 'email',
-    password: 'password',
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | Jwt
-  |--------------------------------------------------------------------------
-  |
-  | The jwt authenticator works by passing a jwt token on each HTTP request
-  | via HTTP `Authorization` header.
-  |
-  */
-  jwt: {
-    serializer: 'lucid',
-    model: 'App/Models/User',
-    scheme: 'jwt',
-    uid: 'email',
-    password: 'password',
-    options: {
-      secret: Env.get('APP_KEY'),
-    },
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | Api
-  |--------------------------------------------------------------------------
-  |
-  | The Api scheme makes use of API personal tokens to authenticate a user.
-  |
-  */
-  api: {
-    serializer: 'lucid',
-    model: 'App/Models/User',
-    scheme: 'api',
-    uid: 'email',
-    password: 'password',
-  },
-};
diff --git a/src/server/config/bodyParser.js b/src/server/config/bodyParser.js
deleted file mode 100644
index c336e67d2..000000000
--- a/src/server/config/bodyParser.js
+++ /dev/null
@@ -1,156 +0,0 @@
-
-module.exports = {
-  /*
-  |--------------------------------------------------------------------------
-  | JSON Parser
-  |--------------------------------------------------------------------------
-  |
-  | Below settings are applied when the request body contains a JSON payload.
-  | If you want body parser to ignore JSON payloads, then simply set `types`
-  | to an empty array.
-  */
-  json: {
-    /*
-    |--------------------------------------------------------------------------
-    | limit
-    |--------------------------------------------------------------------------
-    |
-    | Defines the limit of JSON that can be sent by the client. If payload
-    | is over 1mb it will not be processed.
-    |
-    */
-    limit: '50mb',
-
-    /*
-    |--------------------------------------------------------------------------
-    | strict
-    |--------------------------------------------------------------------------
-    |
-    | When `strict` is set to true, body parser will only parse Arrays and
-    | Object. Otherwise everything parseable by `JSON.parse` is parsed.
-    |
-    */
-    strict: true,
-
-    /*
-    |--------------------------------------------------------------------------
-    | types
-    |--------------------------------------------------------------------------
-    |
-    | Which content types are processed as JSON payloads. You are free to
-    | add your own types here, but the request body should be parseable
-    | by `JSON.parse` method.
-    |
-    */
-    types: [
-      'application/json',
-      'application/json-patch+json',
-      'application/vnd.api+json',
-      'application/csp-report',
-    ],
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | Raw Parser
-  |--------------------------------------------------------------------------
-  |
-  |
-  |
-  */
-  raw: {
-    types: [
-      'text/*',
-    ],
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | Form Parser
-  |--------------------------------------------------------------------------
-  |
-  |
-  |
-  */
-  form: {
-    types: [
-      'application/x-www-form-urlencoded',
-    ],
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | Files Parser
-  |--------------------------------------------------------------------------
-  |
-  |
-  |
-  */
-  files: {
-    types: [
-      'multipart/form-data',
-    ],
-
-    /*
-    |--------------------------------------------------------------------------
-    | Max Size
-    |--------------------------------------------------------------------------
-    |
-    | Below value is the max size of all the files uploaded to the server. It
-    | is validated even before files have been processed and hard exception
-    | is thrown.
-    |
-    | Consider setting a reasonable value here, otherwise people may upload GB's
-    | of files which will keep your server busy.
-    |
-    | Also this value is considered when `autoProcess` is set to true.
-    |
-    */
-    maxSize: '20mb',
-
-    /*
-    |--------------------------------------------------------------------------
-    | Auto Process
-    |--------------------------------------------------------------------------
-    |
-    | Whether or not to auto-process files. Since HTTP servers handle files via
-    | couple of specific endpoints. It is better to set this value off and
-    | manually process the files when required.
-    |
-    | This value can contain a boolean or an array of route patterns
-    | to be autoprocessed.
-    */
-    autoProcess: true,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Process Manually
-    |--------------------------------------------------------------------------
-    |
-    | The list of routes that should not process files and instead rely on
-    | manual process. This list should only contain routes when autoProcess
-    | is to true. Otherwise everything is processed manually.
-    |
-    */
-    processManually: [],
-
-    /*
-    |--------------------------------------------------------------------------
-    | Temporary file name
-    |--------------------------------------------------------------------------
-    |
-    | Define a function, which should return a string to be used as the
-    | tmp file name.
-    |
-    | If not defined, Bodyparser will use `uuid` as the tmp file name.
-    |
-    | To be defined as. If you are defining the function, then do make sure
-    | to return a value from it.
-    |
-    | tmpFileName () {
-    |   return 'some-unique-value'
-    | }
-    |
-    */
-  },
-};
diff --git a/src/server/config/cors.js b/src/server/config/cors.js
deleted file mode 100644
index 7ebbe3ffa..000000000
--- a/src/server/config/cors.js
+++ /dev/null
@@ -1,86 +0,0 @@
-
-module.exports = {
-  /*
-  |--------------------------------------------------------------------------
-  | Origin
-  |--------------------------------------------------------------------------
-  |
-  | Set a list of origins to be allowed. The value can be one of the following
-  |
-  | Boolean: true - Allow current request origin
-  | Boolean: false - Disallow all
-  | String - Comma separated list of allowed origins
-  | Array - An array of allowed origins
-  | String: * - A wildcard to allow current request origin
-  | Function - Receives the current origin and should return one of the above values.
-  |
-  */
-  origin: false,
-
-  /*
-  |--------------------------------------------------------------------------
-  | Methods
-  |--------------------------------------------------------------------------
-  |
-  | HTTP methods to be allowed. The value can be one of the following
-  |
-  | String - Comma separated list of allowed methods
-  | Array - An array of allowed methods
-  |
-  */
-  methods: ['GET', 'PUT', 'PATCH', 'POST', 'DELETE'],
-
-  /*
-  |--------------------------------------------------------------------------
-  | Headers
-  |--------------------------------------------------------------------------
-  |
-  | List of headers to be allowed via Access-Control-Request-Headers header.
-  | The value can be one of the following.
-  |
-  | Boolean: true - Allow current request headers
-  | Boolean: false - Disallow all
-  | String - Comma separated list of allowed headers
-  | Array - An array of allowed headers
-  | String: * - A wildcard to allow current request headers
-  | Function - Receives the current header and should return one of the above values.
-  |
-  */
-  headers: true,
-
-  /*
-  |--------------------------------------------------------------------------
-  | Expose Headers
-  |--------------------------------------------------------------------------
-  |
-  | A list of headers to be exposed via `Access-Control-Expose-Headers`
-  | header. The value can be one of the following.
-  |
-  | Boolean: false - Disallow all
-  | String: Comma separated list of allowed headers
-  | Array - An array of allowed headers
-  |
-  */
-  exposeHeaders: false,
-
-  /*
-  |--------------------------------------------------------------------------
-  | Credentials
-  |--------------------------------------------------------------------------
-  |
-  | Define Access-Control-Allow-Credentials header. It should always be a
-  | boolean.
-  |
-  */
-  credentials: false,
-
-  /*
-  |--------------------------------------------------------------------------
-  | MaxAge
-  |--------------------------------------------------------------------------
-  |
-  | Define Access-Control-Allow-Max-Age
-  |
-  */
-  maxAge: 90,
-};
diff --git a/src/server/config/database.js b/src/server/config/database.js
deleted file mode 100644
index a413f7050..000000000
--- a/src/server/config/database.js
+++ /dev/null
@@ -1,83 +0,0 @@
-
-/** @type {import('@adonisjs/framework/src/Env')} */
-const Env = use('Env');
-
-const dbPath = process.env.DB_PATH;
-
-module.exports = {
-  /*
-  |--------------------------------------------------------------------------
-  | Default Connection
-  |--------------------------------------------------------------------------
-  |
-  | Connection defines the default connection settings to be used while
-  | interacting with SQL databases.
-  |
-  */
-  connection: Env.get('DB_CONNECTION', 'sqlite'),
-
-  /*
-  |--------------------------------------------------------------------------
-  | Sqlite
-  |--------------------------------------------------------------------------
-  |
-  | Sqlite is a flat file database and can be a good choice for a development
-  | environment.
-  |
-  | npm i --save sqlite3
-  |
-  */
-  sqlite: {
-    client: 'sqlite3',
-    connection: {
-      // filename: Helpers.databasePath(`${Env.get('DB_DATABASE', 'development')}.sqlite`),
-      filename: dbPath,
-    },
-    useNullAsDefault: true,
-    debug: Env.get('DB_DEBUG', false),
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | MySQL
-  |--------------------------------------------------------------------------
-  |
-  | Here we define connection settings for MySQL database.
-  |
-  | npm i --save mysql
-  |
-  */
-  mysql: {
-    client: 'mysql',
-    connection: {
-      host: Env.get('DB_HOST', 'localhost'),
-      port: Env.get('DB_PORT', ''),
-      user: Env.get('DB_USER', 'root'),
-      password: Env.get('DB_PASSWORD', ''),
-      database: Env.get('DB_DATABASE', 'adonis'),
-    },
-    debug: Env.get('DB_DEBUG', false),
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | PostgreSQL
-  |--------------------------------------------------------------------------
-  |
-  | Here we define connection settings for PostgreSQL database.
-  |
-  | npm i --save pg
-  |
-  */
-  pg: {
-    client: 'pg',
-    connection: {
-      host: Env.get('DB_HOST', 'localhost'),
-      port: Env.get('DB_PORT', ''),
-      user: Env.get('DB_USER', 'root'),
-      password: Env.get('DB_PASSWORD', ''),
-      database: Env.get('DB_DATABASE', 'adonis'),
-    },
-    debug: Env.get('DB_DEBUG', false),
-  },
-};
diff --git a/src/server/config/drive.js b/src/server/config/drive.js
deleted file mode 100644
index 617ce470a..000000000
--- a/src/server/config/drive.js
+++ /dev/null
@@ -1,45 +0,0 @@
-const Env = use('Env');
-
-module.exports = {
-  /*
-  |--------------------------------------------------------------------------
-  | Default disk
-  |--------------------------------------------------------------------------
-  |
-  | The default disk is used when you interact with the file system without
-  | defining a disk name
-  |
-  */
-  default: 'local',
-
-  disks: {
-    /*
-    |--------------------------------------------------------------------------
-    | Local
-    |--------------------------------------------------------------------------
-    |
-    | Local disk interacts with the a local folder inside your application
-    |
-    */
-    local: {
-      root: `${__dirname}/../recipes`,
-      driver: 'local',
-    },
-
-    /*
-    |--------------------------------------------------------------------------
-    | S3
-    |--------------------------------------------------------------------------
-    |
-    | S3 disk interacts with a bucket on aws s3
-    |
-    */
-    s3: {
-      driver: 's3',
-      key: Env.get('S3_KEY'),
-      secret: Env.get('S3_SECRET'),
-      bucket: Env.get('S3_BUCKET'),
-      region: Env.get('S3_REGION'),
-    },
-  },
-};
diff --git a/src/server/config/hash.js b/src/server/config/hash.js
deleted file mode 100644
index 297c977fc..000000000
--- a/src/server/config/hash.js
+++ /dev/null
@@ -1,48 +0,0 @@
-
-/** @type {import('@adonisjs/framework/src/Env')} */
-const Env = use('Env');
-
-module.exports = {
-  /*
-  |--------------------------------------------------------------------------
-  | Driver
-  |--------------------------------------------------------------------------
-  |
-  | Driver to be used for hashing values. The same driver is used by the
-  | auth module too.
-  |
-  */
-  driver: Env.get('HASH_DRIVER', 'bcrypt'),
-
-  /*
-  |--------------------------------------------------------------------------
-  | Bcrypt
-  |--------------------------------------------------------------------------
-  |
-  | Config related to bcrypt hashing. https://www.npmjs.com/package/bcrypt
-  | package is used internally.
-  |
-  */
-  bcrypt: {
-    rounds: 10,
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | Argon
-  |--------------------------------------------------------------------------
-  |
-  | Config related to argon. https://www.npmjs.com/package/argon2 package is
-  | used internally.
-  |
-  | Since argon is optional, you will have to install the dependency yourself
-  |
-  |============================================================================
-  | npm i argon2
-  |============================================================================
-  |
-  */
-  argon: {
-    type: 1,
-  },
-};
diff --git a/src/server/config/session.js b/src/server/config/session.js
deleted file mode 100644
index bce28bdd9..000000000
--- a/src/server/config/session.js
+++ /dev/null
@@ -1,98 +0,0 @@
-
-const Env = use('Env');
-
-module.exports = {
-  /*
-  |--------------------------------------------------------------------------
-  | Session Driver
-  |--------------------------------------------------------------------------
-  |
-  | The session driver to be used for storing session values. It can be
-  | cookie, file or redis.
-  |
-  | For `redis` driver, make sure to install and register `@adonisjs/redis`
-  |
-  */
-  driver: Env.get('SESSION_DRIVER', 'cookie'),
-
-  /*
-  |--------------------------------------------------------------------------
-  | Cookie Name
-  |--------------------------------------------------------------------------
-  |
-  | The name of the cookie to be used for saving session id. Session ids
-  | are signed and encrypted.
-  |
-  */
-  cookieName: 'adonis-session',
-
-  /*
-  |--------------------------------------------------------------------------
-  | Clear session when browser closes
-  |--------------------------------------------------------------------------
-  |
-  | If this value is true, the session cookie will be temporary and will be
-  | removed when browser closes.
-  |
-  */
-  clearWithBrowser: true,
-
-  /*
-  |--------------------------------------------------------------------------
-  | Session age
-  |--------------------------------------------------------------------------
-  |
-  | This value is only used when `clearWithBrowser` is set to false. The
-  | age must be a valid https://npmjs.org/package/ms string or should
-  | be in milliseconds.
-  |
-  | Valid values are:
-  |  '2h', '10d', '5y', '2.5 hrs'
-  |
-  */
-  age: '2h',
-
-  /*
-  |--------------------------------------------------------------------------
-  | Cookie options
-  |--------------------------------------------------------------------------
-  |
-  | Cookie options defines the options to be used for setting up session
-  | cookie
-  |
-  */
-  cookie: {
-    httpOnly: true,
-    path: '/',
-    sameSite: false,
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | Sessions location
-  |--------------------------------------------------------------------------
-  |
-  | If driver is set to file, we need to define the relative location from
-  | the temporary path or absolute url to any location.
-  |
-  */
-  file: {
-    location: 'sessions',
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | Redis config
-  |--------------------------------------------------------------------------
-  |
-  | The configuration for the redis driver.
-  |
-  */
-  redis: {
-    host: '127.0.0.1',
-    port: 6379,
-    password: null,
-    db: 0,
-    keyPrefix: '',
-  },
-};
diff --git a/src/server/config/shield.js b/src/server/config/shield.js
deleted file mode 100644
index 5c1c5cd73..000000000
--- a/src/server/config/shield.js
+++ /dev/null
@@ -1,144 +0,0 @@
-
-module.exports = {
-  /*
-  |--------------------------------------------------------------------------
-  | Content Security Policy
-  |--------------------------------------------------------------------------
-  |
-  | Content security policy filters out the origins not allowed to execute
-  | and load resources like scripts, styles and fonts. There are wide
-  | variety of options to choose from.
-  */
-  csp: {
-    /*
-    |--------------------------------------------------------------------------
-    | Directives
-    |--------------------------------------------------------------------------
-    |
-    | All directives are defined in camelCase and here is the list of
-    | available directives and their possible values.
-    |
-    | https://content-security-policy.com
-    |
-    | @example
-    | directives: {
-    |   defaultSrc: ['self', '@nonce', 'cdnjs.cloudflare.com']
-    | }
-    |
-    */
-    directives: {
-    },
-    /*
-    |--------------------------------------------------------------------------
-    | Report only
-    |--------------------------------------------------------------------------
-    |
-    | Setting `reportOnly=true` will not block the scripts from running and
-    | instead report them to a URL.
-    |
-    */
-    reportOnly: false,
-    /*
-    |--------------------------------------------------------------------------
-    | Set all headers
-    |--------------------------------------------------------------------------
-    |
-    | Headers staring with `X` have been depreciated, since all major browsers
-    | supports the standard CSP header. So its better to disable deperciated
-    | headers, unless you want them to be set.
-    |
-    */
-    setAllHeaders: false,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Disable on android
-    |--------------------------------------------------------------------------
-    |
-    | Certain versions of android are buggy with CSP policy. So you can set
-    | this value to true, to disable it for Android versions with buggy
-    | behavior.
-    |
-    | Here is an issue reported on a different package, but helpful to read
-    | if you want to know the behavior. https://github.com/helmetjs/helmet/pull/82
-    |
-    */
-    disableAndroid: true,
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | X-XSS-Protection
-  |--------------------------------------------------------------------------
-  |
-  | X-XSS Protection saves from applications from XSS attacks. It is adopted
-  | by IE and later followed by some other browsers.
-  |
-  | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
-  |
-  */
-  xss: {
-    enabled: true,
-    enableOnOldIE: false,
-  },
-
-  /*
-  |--------------------------------------------------------------------------
-  | Iframe Options
-  |--------------------------------------------------------------------------
-  |
-  | xframe defines whether or not your website can be embedded inside an
-  | iframe. Choose from one of the following options.
-  | @available options
-  | DENY, SAMEORIGIN, ALLOW-FROM http://example.com
-  |
-  | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
-  */
-  xframe: 'DENY',
-
-  /*
-  |--------------------------------------------------------------------------
-  | No Sniff
-  |--------------------------------------------------------------------------
-  |
-  | Browsers have a habit of sniffing content-type of a response. Which means
-  | files with .txt extension containing Javascript code will be executed as
-  | Javascript. You can disable this behavior by setting nosniff to false.
-  |
-  | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
-  |
-  */
-  nosniff: true,
-
-  /*
-  |--------------------------------------------------------------------------
-  | No Open
-  |--------------------------------------------------------------------------
-  |
-  | IE users can execute webpages in the context of your website, which is
-  | a serious security risk. Below option will manage this for you.
-  |
-  */
-  noopen: true,
-
-  /*
-  |--------------------------------------------------------------------------
-  | CSRF Protection
-  |--------------------------------------------------------------------------
-  |
-  | CSRF Protection adds another layer of security by making sure, actionable
-  | routes does have a valid token to execute an action.
-  |
-  */
-  csrf: {
-    enable: true,
-    methods: ['POST', 'PUT', 'DELETE'],
-    filterUris: [],
-    cookieOptions: {
-      httpOnly: false,
-      sameSite: true,
-      path: '/',
-      maxAge: 7200,
-    },
-  },
-};