npm
Sign UpSign In

securitytxt-middleware

1.0.0 • Public • Published

SecurityTxt

Express middleware to provide interface for Security Vulnerability Disclosure security.txt

The middleware is base on the (draft-foudil-securitytxt-09)[https://tools.ietf.org/html/draft-foudil-securitytxt-09]

Install

npm install securitytxt-middleware --save

Usage

const express = require('express');
const securityTxtMiddleware = require('securitytxt-middleware')
const app = express();
const port = 3000;

const securityTxtConfig = {
  Contact: 'mailto:security@website.com',
  Encryption: 'https://website.com/sign.pgp',
  Anknowledgments: 'https://website.com/thank-you.html',
  'Preferred-Languages': 'en',
  Policy: 'https://website.com/policy.html',
}

const securityTxtPath = './security.txt';

// object with key:value
app.use('/.well-known/security.txt', securityTxtMiddleware(securityTxtConfig))

// path to file to read and send
app.use('/.well-known/security_file.txt', securityTxtMiddleware(securityTxtPath))

app.get('/', (req, res) => res.send('Hello World!'));

app.listen(port, () => console.log(`Example app listening at http://localhost:${port}`));

There are two types of argument that the middleware could accept

  • Object
  • Path to file

Readme

Keywords

Package Sidebar

Install

npm i securitytxt-middleware

Repository

github.com/bdryanovski/securitytxt

Homepage

github.com/bdryanovski/securitytxt#readme

Weekly Downloads

0

Version

1.0.0

License

MIT

Unpacked Size

3.84 kB

Total Files

4

Last publish

Collaborators

  • bdryanovski
Try on RunKit
Report malware