This middleware works by default for * HTTP Methods and will throw an 405 Method Not Allowed error when the there will be a request sent with an HTTP Method that is not allowed.
It will help you solve this security problem.
export type HTTPMethod = 'GET' | 'POST' | 'DELETE' | 'PATCH' | 'POST' | string;export type AllowedHTTPMethods = HTTPMethod[] | '*'To write a custom logic for this middleware follow this pattern:
export default defineNuxtConfig({ security: { allowedMethodsRestricter: ['POST'], }})Or use routeRules for per route configuration:
export default defineNuxtConfig({ routeRules: { '/my-secret-route': { security: { allowedMethodsRestricter: ['POST'], } } }