alkhwlani / xss-middleware
A Laravel Middleware to filter user inputs from XSS and iframes and other embed elements.
Maintainers
Requires
- php: ^8.1
- illuminate/http: ^10.0 || ^11.0 || ^12.0 || ^13.0
- illuminate/support: ^10.0 || ^11.0 || ^12.0 || ^13.0
- voku/anti-xss: ^4.1
Requires (Dev)
- mockery/mockery: ^1.6
- orchestra/testbench: ^8.0 || ^9.0 || ^10.0 || ^11.0
- phpunit/phpunit: ^10.0 || ^11.0
README
A Laravel middleware to cleaning all inputs/data of request from XSS and embed elements, its used voku/anti-xss under the hood.
Support version
| Laravel | laravel-modules |
|---|---|
| 5.8 | ^1.0 |
| 6.X-8.X | ^2.0 |
| 9.X | ^3.0 |
| 10.X-13.X | ^4.0 |
Install
composer require alkhwlani/xss-middleware
Usage
That's it! by default package automatic register a global middleware to cleaning all string inputs for all requests.
if you are not using automatic package discovery, then add the service provider in config/app.php:
\Alkhwlani\XssMiddleware\ServiceProvider::class,
Optional
if you want customizes configuration you can publish the configuration
$ php artisan vendor:publish --provider="\Alkhwlani\XssMiddleware\ServiceProvider"
Then check the content of the published config file config/xss-middleware.php.
Testing
Run the tests with:
vendor/bin/phpunit
Contributing
Please see CONTRIBUTING for details.
Security
If you discover any security-related issues, please email alkhwlani@yandex.com instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.