Safer Node.js Buffer API
Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.
General purpose crypto utilities
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
Sanitize untrusted CSS with a configuration specified by a Whitelist. 根据白名单过滤CSS
help secure Express/Connect apps with various HTTP headers
Content Security Policy middleware
HTTP Strict Transport Security middleware.
Middleware to disable the X-XSS-Protection header
Build Content Security Policy directives.
Middleware to remove the X-Powered-By header
Middleware to prevent mimetype from being sniffed
HTTP Public Key Pinning (HPKP) middleware
Middleware to set the Referrer-Policy HTTP header
Middleware to set the Feature-Policy HTTP header
Set the X-Permitted-Cross-Domain-Policies header in Express apps
Given a response from the npm security api, render it into a variety of security reports
JSON parse with prototype poisoning protection