JSPM

xss-shield

1.0.1
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 151
  • Score
    100M100P100Q83511F
  • License MIT

A powerful middleware for securing your express.js applications against cross-site scripting (XSS) attacks

Package Exports

  • xss-shield
  • xss-shield/build/main/index.js
  • xss-shield/build/module/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (xss-shield) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

xss-shield

This package provides a middleware for Express.js that helps protect against cross-site scripting (XSS) attacks. It's built on top of the xss module and is written in TypeScript.

contributors last update forks stars open issues license

Installation

To use this middleware, first install it using npm or yarn:

npm install xss-shield

or 

yarn add xss-shield

Usage

To use this middleware in your Express.js application, simply require or import it and add it to your middleware stack:

const express = require('express'); 
const xssShield = require('xss-shield');

const app = express();

// Add the middleware to the middleware stack
app.use(xssShield());

You can also pass options to the middleware to customize its behavior. See the xss documentation for available options.

const express = require('express'); 
const xssShield = require('xss-shield');

const app = express();

// Add the middleware to the middleware stack with options
app.use(xssShield({
  whiteList: {
    a: ['href', 'title', 'target'],
    img: ['src', 'alt'],
  }
}));

License

xss-shield is licensed under the MIT License. See LICENSE for more information.