npm
Sign UpSign In

cspeasy-express
TypeScript icon, indicating that this package has built-in type declarations

0.2.0 • Public • Published

cspeasy-express

A simple way to setup Content Security Policy even with inline scripts and styles in express!

It digests HTML documents so you can have a strong CSP with necessary inline scripts and styles (e.g. Google Analytics).

Example

npm install cspeasy-express --save

import express from "express";
import { resolve } from "path";
import { Policies } from "cspeasy";
import { createContentSecurityPolicy } from "cspeasy-express";
 
const app = express();
 
app.use(createContentSecurityPolicy({
    defaultSrc: Policies.None,
    documents: [ resolve("test/index.html") ]
}));
 
app.use((request, response) => {
    response.sendFile(resolve("test/index.html"));
});
 
const port = 3000;
 
app.listen(port, () => console.log(`listening on port ${port}`));

/cspeasy-express/

    Package Sidebar

    Install

    npm i cspeasy-express

    Repository

    github.com/jamesadarich/cspeasy

    Homepage

    github.com/jamesadarich/cspeasy/blob/master/express/README.md

    Weekly Downloads

    3

    Version

    0.2.0

    License

    MIT

    Unpacked Size

    3.87 kB

    Total Files

    5

    Last publish

    Collaborators

    • jamesrichford
    Try on RunKit
    Report malware