1.0.1 • Published 6 years ago

csp-serdes v1.0.1

Weekly downloads
4
License
AGPL-3.0-or-later
Repository
github
Last release
6 years ago

Simple and correct Content-Security-Policy parser and serializer using ES6 Maps and Sets.

import * as csp from 'csp-serdes'

example_policy = "default-src 'none'; script-src 'nonce-ExamplePolicyTests'; sandbox; connect-src https: 'self'; img-src 'self'; style-src 'self'"

policy = csp.parse(example_policy)

policy instanceof Map // true
policy.get('default-src') instanceof Set // true

// remove directives
policy.delete('sandbox')

// modify directives
policy.get('script-src').add("'unsafe-eval'")

// replace directives
policy.set('script-src', new Set(["'self'", "'unsafe-eval'"]))

// serialize back to a string
csp.serialize(policy) // "default-src 'none'; script-src 'self' 'unsafe-eval'; connect-src https: 'self'; img-src 'self'; style-src 'self'"
cspparserparsingcontent-security-policy
@everything-registry/sub-chunk-1419@zalastax/nolb-csp
1.0.1

6 years ago

1.0.0

6 years ago