From 5a4859a3be2afacf589aa9689e06090b5ea24bde Mon Sep 17 00:00:00 2001
From: Gitar
Date: Wed, 18 Sep 2024 03:32:29 +0000
Subject: [PATCH] [Gitar] Updating TypeScript files

---
 src/lib/middleware/secure-headers.ts | 40 ----------------------------
 src/lib/types/experimental.ts | 1 -
 src/server-dev.ts | 1 -
 3 files changed, 42 deletions(-)

diff --git a/src/lib/middleware/secure-headers.ts b/src/lib/middleware/secure-headers.ts
index 5eaa8926f3f3..066d39d06e9d 100644
--- a/src/lib/middleware/secure-headers.ts
+++ b/src/lib/middleware/secure-headers.ts
@@ -86,50 +86,10 @@ const secureHeaders: (config: IUnleashConfig) => RequestHandler = (config) => {
 originAgentCluster: false,
 xDnsPrefetchControl: false,
 });
- const apiHelmet = helmet({
- hsts: {
- maxAge: hoursToSeconds(24 * 365 * 2), // 2 non-leap years
- includeSubDomains: true,
- preload: true,
- },
- contentSecurityPolicy: {
- directives: {
- defaultSrc:
- helmet.contentSecurityPolicy
- .dangerouslyDisableDefaultSrc,
- fontSrc: null,
- styleSrc: null,
- scriptSrc: null,
- imgSrc: null,
- connectSrc: null,
- mediaSrc: null,
- objectSrc: null,
- frameSrc: null,
- upgradeInsecureRequests: null,
- scriptSrcAttr: null,
- baseUri: null,
- formAction: null,
- frameAncestors: ["'none'"],
- },
- },
-
- crossOriginEmbedderPolicy: false,
- crossOriginResourcePolicy: false,
- crossOriginOpenerPolicy: false,
- originAgentCluster: false,
- xXssProtection: false,
- xDnsPrefetchControl: false,
- xFrameOptions: { action: 'deny' },
- });
 
 return (req, res, next) => {
 if (req.method === 'OPTIONS') {
 return next();
- } else if (
- req.path.startsWith(`${config.server.baseUriPath}/api/`) &&
- config.flagResolver.isEnabled('stripHeadersOnAPI')
- ) {
- apiHelmet(req, res, next);
 } else {
 defaultHelmet(req, res, next);
 }
diff --git a/src/lib/types/experimental.ts b/src/lib/types/experimental.ts
index 09e56e2bc3eb..d64e6e3facdc 100644
--- a/src/lib/types/experimental.ts
+++ b/src/lib/types/experimental.ts
@@ -25,7 +25,6 @@ export type IFlagKey =
 | 'advancedPlayground'
 | 'filterInvalidClientMetrics'
 | 'disableMetrics'
- | 'stripHeadersOnAPI'
 | 'signals'
 | 'automatedActions'
 | 'celebrateUnleash'
diff --git a/src/server-dev.ts b/src/server-dev.ts
index be7e586391db..e0037f127f3b 100644
--- a/src/server-dev.ts
+++ b/src/server-dev.ts
@@ -40,7 +40,6 @@ process.nextTick(async () => {
 embedProxyFrontend: true,
 anonymiseEventLog: false,
 responseTimeWithAppNameKillSwitch: false,
- stripHeadersOnAPI: true,
 celebrateUnleash: true,
 featureSearchFeedbackPosting: true,
 userAccessUIEnabled: true,