Interface WebApplicationOptions

Web Application Options

interface WebApplicationOptions {
    allowProcessErrors: boolean;
    autoHandle404: boolean;
    autoHandleOptions: boolean;
    autoStartTunnel: boolean;
    backlog: number;
    bindHost: string;
    bindPort: number;
    bodyLimit: number;
    compression: boolean;
    corsDomain: string;
    enableContentSecurityPolicyHeader?: boolean;
    helmet?: HelmetOptions;
    recommendedHeaders?: boolean;
    requestLogging?: boolean | "full";
    sessions?: true | SessionOptions;
    ssl: boolean | "devcert";
    sslCertificate?: string | Buffer;
    sslHostnames?: string | string[];
    sslPrivateKey?: string | Buffer;
    websocketsOptions?: ServerOptions<typeof WebSocket, typeof IncomingMessage>;
}

Properties

allowProcessErrors autoHandle404 autoHandleOptions autoStartTunnel backlog bindHost bindPort bodyLimit compression corsDomain enableContentSecurityPolicyHeader? helmet? recommendedHeaders? requestLogging? sessions? ssl sslCertificate? sslHostnames? sslPrivateKey? websocketsOptions?

Properties

allowProcessErrors

allowProcessErrors: boolean

If set to true, allows node to crash via thrown exceptions If set to false (or unset), thrown exceptions are swallowed and logged automatically

autoHandle404

autoHandle404: boolean

Whether we should auto handle 404s

Default

true

autoHandleOptions

autoHandleOptions: boolean

Whether we should auto handle options

Default

true

autoStartTunnel

autoStartTunnel: boolean

Auto start cloudflared?

backlog

backlog: number

TCP backlog for the underlying server

Default

511

bindHost

bindHost: string

The host address to bind to

Default

0.0.0.0 (all)

bindPort

bindPort: number

The bind port for the server

Default

440 if ssl, 80 if non-ssl

bodyLimit

bodyLimit: number

Body size limit in Megabytes (MB)

compression

compression: boolean

Whether compression should be enabled by default

Default

true

corsDomain

corsDomain: string

The CORS domain name to report in requests

Default

* (all)

Optional enableContentSecurityPolicyHeader

enableContentSecurityPolicyHeader?: boolean

Whether we enable the content security policy header by default

Default

false

Optional helmet

helmet?: HelmetOptions

Helmet module options

Optional recommendedHeaders

recommendedHeaders?: boolean

Whether we should return the default list of recommended headers with every request

Default

true

Optional requestLogging

requestLogging?: boolean | "full"

Whether we should log requests to file/console

Note: if set to full then the headers are also logged as well as the request body (if POST/PATCH/PUT)

Default

false

Optional sessions

sessions?: true | SessionOptions

Whether we enable session support

Note: At a minimum, a secret must be supplied if options are specified

ssl

ssl: boolean | "devcert"

Whether SSL should be enabled

Note: 'devcert' is only suitable for test systems as it will prompt to install a Root CA on the host for testing purposes only

Default

false

Optional sslCertificate

sslCertificate?: string | Buffer

The SSL certificate file and/or data.

Note: If a string is specified, a full path is expected

Optional sslHostnames

sslHostnames?: string | string[]

The SSL hostname(s) we should use when creating our devcert

Note: 'localhost' is always included

Default

<empty>

Optional sslPrivateKey

sslPrivateKey?: string | Buffer

The SSL private key file and/or data

Note: If a string is specified, a full path is expected

Optional websocketsOptions

websocketsOptions?: ServerOptions<typeof WebSocket, typeof IncomingMessage>

WebSocket server options

Settings

Member Visibility

Theme

On This Page

allowProcessErrorsautoHandle404autoHandleOptionsautoStartTunnelbacklogbindHostbindPortbodyLimitcompressioncorsDomainenableContentSecurityPolicyHeaderhelmetrecommendedHeadersrequestLoggingsessionssslsslCertificatesslHostnamessslPrivateKeywebsocketsOptions