A Laravel middleware to cleaning all inputs/data of request from XSS and embed elements, its used Security Core package by Graham Campbell under the hook.
Laravel | laravel-modules |
---|---|
5.8 | ^1.0 |
6.X-8.X | ^2.0 |
9.X | ^3.0 |
10.X | ^4.0 |
composer require alkhwlani/xss-middleware
That's it! by default package automatic register a global middleware to cleaning all string inputs for all requests.
if you are not using automatic package discovery, then add the service provider in config/app.php
:
\Alkhwlani\XssMiddleware\ServiceProvider::class,
if you want customizes configuration you can publish the configuration
$ php artisan vendor:publish --provider="\Alkhwlani\XssMiddleware\ServiceProvider"
Then check the content of the published config file config/xss-middleware.php
.
Run the tests with:
vendor/bin/phpunit
Please see CONTRIBUTING for details.
If you discover any security-related issues, please email alkhwlani@yandex.com instead of using the issue tracker.
The MIT License (MIT). Please see License File for more information.