npm
Sign UpSign In

csp-serdes
TypeScript icon, indicating that this package has built-in type declarations

1.0.1 • Public • Published

Simple and correct Content-Security-Policy parser and serializer using ES6 Maps and Sets.

import * as csp from 'csp-serdes'
 
example_policy = "default-src 'none'; script-src 'nonce-ExamplePolicyTests'; sandbox; connect-src https: 'self'; img-src 'self'; style-src 'self'"
 
policy = csp.parse(example_policy)
 
policy instanceof Map // true
policy.get('default-src') instanceof Set // true
 
// remove directives
policy.delete('sandbox')
 
// modify directives
policy.get('script-src').add("'unsafe-eval'")
 
// replace directives
policy.set('script-src', new Set(["'self'", "'unsafe-eval'"]))
 
// serialize back to a string
csp.serialize(policy) // "default-src 'none'; script-src 'self' 'unsafe-eval'; connect-src https: 'self'; img-src 'self'; style-src 'self'"

Readme

Keywords

Package Sidebar

Install

npm i csp-serdes

Repository

github.com/cmcaine/csp-serdes

Homepage

github.com/cmcaine/csp-serdes#readme

Weekly Downloads

1

Version

1.0.1

License

AGPL-3.0-or-later

Unpacked Size

47.5 kB

Total Files

11

Last publish

Collaborators

  • cmcaine
Try on RunKit
Report malware