Register Helmet before Nest route mounts | Critiq Docs

#Metadata

Rule ID: ts.security.nestjs-helmet-after-route-mount
Severity: medium
Confidence: 0.8
Languages: javascript, typescript
Presets: recommended, security, strict
Stability: experimental
Applies to: block
Tags: nestjs, rules-catalog, security

#Why it matters

Middleware order determines whether framed routes inherit Helmet protections; mounting routers too early widens exposure.

#Remediation

Call `helmet()` before registering routers bound to external paths unless another gateway applies equivalent protections.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.nestjs-helmet-after-route-mount.rule.yaml.

Back to directory Open rule in repository