MCPcopy
hub / github.com/midwayjs/midway / SecurityHelper

Class SecurityHelper

packages/security/src/middleware/helper.ts:6–29  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

4
5@Middleware()
6export class SecurityHelper implements IMiddleware<any, any> {
7 resolve(app) {
8 if ('express' === app.getNamespace()) {
9 return async (req: any, res, next) => {
10 return this.compatibleMiddleware(req, req, res, next);
11 };
12 } else {
13 return async (ctx, next) => {
14 return this.compatibleMiddleware(ctx, ctx.request, ctx, next);
15 };
16 }
17 }
18
19 async compatibleMiddleware(context, req, res, next) {
20 context.security = {
21 escape,
22 html: (htmlCode: string) => filterXSS(htmlCode),
23 js: safeJS,
24 json: safeJSON,
25 };
26
27 return next();
28 }
29}
30
31const MATCH_VULNERABLE_REGEXP = /[\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f]/;
32const BASIC_ALPHABETS = new Set(

Callers

nothing calls this directly

Calls

no outgoing calls

Tested by

no test coverage detected