Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/louis3797/xss-shield

A powerful middleware for securing your express.js applications against cross-site scripting (XSS) attacks
https://github.com/louis3797/xss-shield

express-middleware middleware node security typescript xss xss-attacks xss-filter xss-sanitizer xss-shield

Last synced: about 1 year ago
JSON representation

A powerful middleware for securing your express.js applications against cross-site scripting (XSS) attacks

Awesome Lists containing this project

README 

          



  
xss-shield


  

  


   This package provides a middleware for Express.js that helps protect against cross-site scripting (XSS) attacks. It's built on top of the xss module and is written in TypeScript.

 

  


  

  





  

    contributors

  

  

    last update

  

  

    forks

  

  

    stars

  

  

    open issues

  

  

    license

  







## Installation



To use this middleware, first install it using npm or yarn:

```bash

npm install xss-shield

```



or 



```bash

yarn add xss-shield

```



## Usage

To use this middleware in your Express.js application, simply require or import it and add it to your middleware stack:



```ts

const express = require('express'); 

const xssShield = require('xss-shield');



const app = express();



// Add the middleware to the middleware stack

app.use(xssShield());

```



You can also pass options to the middleware to customize its behavior. See the [xss documentation](https://jsxss.com/en/options.html) for available options.



```ts

const express = require('express'); 

const xssShield = require('xss-shield');



const app = express();



// Add the middleware to the middleware stack with options

app.use(xssShield({

  whiteList: {

    a: ['href', 'title', 'target'],

    img: ['src', 'alt'],

  }

}));

```



## License

xss-shield is licensed under the MIT License. See LICENSE for more information.