0.2.0 • Published 6 years ago

cspeasy-express v0.2.0

Weekly downloads
3
License
MIT
Repository
github
Last release
6 years ago

cspeasy-express

A simple way to setup Content Security Policy even with inline scripts and styles in express!

It digests HTML documents so you can have a strong CSP with necessary inline scripts and styles (e.g. Google Analytics).

Example

npm install cspeasy-express --save

import express from "express";
import { resolve } from "path";
import { Policies } from "cspeasy";
import { createContentSecurityPolicy } from "cspeasy-express";

const app = express();

app.use(createContentSecurityPolicy({
    defaultSrc: Policies.None,
    documents: [ resolve("test/index.html") ]
}));

app.use((request, response) => {
    response.sendFile(resolve("test/index.html"));
});

const port = 3000;

app.listen(port, () => console.log(`listening on port ${port}`));
cspeasy
@everything-registry/sub-chunk-1419@zalastax/nolb-csp
0.2.0

6 years ago

0.1.0

6 years ago