alkhwlani / xss-middleware
A Laravel 5.5+ Middleware to filter user inputs from XSS and iframes and other embed elements.
Installs: 221 326
Dependents: 0
Suggesters: 0
Security: 0
Stars: 5
Watchers: 3
Forks: 3
Open Issues: 0
Requires
- graham-campbell/security: ^11.0
Requires (Dev)
- illuminate/support: ^10.0
- laravel/legacy-factories: ^1.3
- mockery/mockery: ^1.4.4
- orchestra/testbench: ^8.0
- phpunit/phpunit: ^9.5.10
README
A Laravel middleware to cleaning all inputs/data of request from XSS and embed elements, its used Security Core package by Graham Campbell under the hook.
Support version
| Laravel | laravel-modules |
|---|---|
| 5.8 | ^1.0 |
| 6.X-8.X | ^2.0 |
| 9.X | ^3.0 |
| 10.X | ^4.0 |
Install
composer require alkhwlani/xss-middleware
Usage
That's it! by default package automatic register a global middleware to cleaning all string inputs for all requests.
if you are not using automatic package discovery, then add the service provider in config/app.php:
\Alkhwlani\XssMiddleware\ServiceProvider::class,
Optional
if you want customizes configuration you can publish the configuration
$ php artisan vendor:publish --provider="\Alkhwlani\XssMiddleware\ServiceProvider"
Then check the content of the published config file config/xss-middleware.php.
Testing
Run the tests with:
vendor/bin/phpunit
Contributing
Please see CONTRIBUTING for details.
Security
If you discover any security-related issues, please email alkhwlani@yandex.com instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.