1.0.0 • Published 6 years ago
securitytxt-middleware v1.0.0
SecurityTxt
Express middleware to provide interface for Security Vulnerability Disclosure security.txt
The middleware is base on the (draft-foudil-securitytxt-09)https://tools.ietf.org/html/draft-foudil-securitytxt-09
Install
npm install securitytxt-middleware --saveUsage
const express = require('express');
const securityTxtMiddleware = require('securitytxt-middleware')
const app = express();
const port = 3000;
const securityTxtConfig = {
  Contact: 'mailto:security@website.com',
  Encryption: 'https://website.com/sign.pgp',
  Anknowledgments: 'https://website.com/thank-you.html',
  'Preferred-Languages': 'en',
  Policy: 'https://website.com/policy.html',
}
const securityTxtPath = './security.txt';
// object with key:value
app.use('/.well-known/security.txt', securityTxtMiddleware(securityTxtConfig))
// path to file to read and send
app.use('/.well-known/security_file.txt', securityTxtMiddleware(securityTxtPath))
app.get('/', (req, res) => res.send('Hello World!'));
app.listen(port, () => console.log(`Example app listening at http://localhost:${port}`));There are two types of argument that the middleware could accept
- Object
- Path to file
1.0.0
6 years ago