This package provides a middleware for Express.js that helps protect against cross-site scripting (XSS) attacks. It's built on top of the [xss module](https://www.npmjs.com/package/xss) and is written in TypeScript.

Installation

To use this middleware, first install it using npm or yarn:

npm install xss-middleware

yarn add xss-middleware

Usage

To use this middleware in your Express.js application, simply require or import it and add it to your middleware stack:

const express = require('express'); 
const xssMiddleware = require('xss-middleware');

const app = express();

// Add the middleware to the middleware stack
app.use(xssMiddleware());

You can also pass options to the middleware to customize its behavior. See the xss documentation for available options.

const express = require('express'); 
const xssMiddleware = require('xss-middleware');

const app = express();

// Add the middleware to the middleware stack with options
app.use(xssMiddleware({
  whiteList: {
    a: ['href', 'title', 'target'],
    img: ['src', 'alt'],
  }
}));

License

xss-middleware is licensed under the MIT License. See LICENSE for more information.

Keywords

FAQs

What is xss-middleware?

Is xss-middleware well maintained?

Last updated on 21 Mar 2023

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

xss-middleware

xss-middleware

Installation

Usage

License

Keywords

Related posts

ESLint Approves RFC to Add Support for TypeScript Config Files

The Alarming NVD Backlog: Over 50% of Known Exploited Vulnerabilities Await Analysis