safe-buffer
Safer Node.js Buffer API
Safer Node.js Buffer API
Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.
JavaScript library of crypto standards.
General purpose crypto utilities
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
Sanitize untrusted CSS with a configuration specified by a Whitelist. 根据白名单过滤CSS
help secure Express/Connect apps with various HTTP headers
DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in JavaScript and works in all modern browsers (Safari, Opera (15+), Internet Explorer (10+), Firefox and Chrome - as well as almost anything else usin
Content Security Policy middleware
HTTP Strict Transport Security middleware.
Middleware to disable the X-XSS-Protection header
Build Content Security Policy directives.
Middleware to remove the X-Powered-By header
Middleware to prevent mimetype from being sniffed
HTTP Public Key Pinning (HPKP) middleware
Middleware to set the Referrer-Policy HTTP header
Middleware to set the Feature-Policy HTTP header
Set the X-Permitted-Cross-Domain-Policies header in Express apps
Given a response from the npm security api, render it into a variety of security reports
JSON parse with prototype poisoning protection