npm
Sign UpSign In

cspeasy-express
TypeScript icon, indicating that this package has built-in type declarations

0.2.0 • Public • Published

cspeasy-express

A simple way to setup Content Security Policy even with inline scripts and styles in express!

It digests HTML documents so you can have a strong CSP with necessary inline scripts and styles (e.g. Google Analytics).

Example

npm install cspeasy-express --save

import express from "express";
import { resolve } from "path";
import { Policies } from "cspeasy";
import { createContentSecurityPolicy } from "cspeasy-express";
 
const app = express();
 
app.use(createContentSecurityPolicy({
    defaultSrc: Policies.None,
    documents: [ resolve("test/index.html") ]
}));
 
app.use((request, response) => {
    response.sendFile(resolve("test/index.html"));
});
 
const port = 3000;
 
app.listen(port, () => console.log(`listening on port ${port}`));

Readme

Keywords

none

Package Sidebar

Install

npm i cspeasy-express

Repository

github.com/jamesadarich/cspeasy

Homepage

github.com/jamesadarich/cspeasy/blob/master/express/README.md

Weekly Downloads

1

Version

0.2.0

License

MIT

Unpacked Size

3.87 kB

Total Files

5

Last publish

Collaborators

  • jamesrichford
Try on RunKit
Report malware