UNPKG

express-defend

Version:

Express middleware that detects malicious requests, like XSS or Path Traversal

github.com/akos-sereg/express-defend

akos-sereg/express-defend

23 lines (22 loc) 2.2 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
Suspicious Request /?name=%3Cscript, fragment is on blacklist (Reflected XSS): "<script"" from ::ffff:127.0.0.1 Suspicious Request /?name=%3Cscript, fragment is on blacklist (Reflected XSS): "<script"" from ::ffff:127.0.0.1 Dropping request /?name=%3Cscript from ::ffff:127.0.0.1 Suspicious Request /?name=%3Cscript, fragment is on blacklist (Reflected XSS): "<script"" from ::ffff:127.0.0.1 An error occurred while executing onMaxAttemptsReached callback: Error: The show must go on Suspicious Request /?name=%3Cscript, fragment is on blacklist (Reflected XSS): "<script"" from ::ffff:127.0.0.1, reached threshold (2) Dropping request /?name=%3Cscript from ::ffff:127.0.0.1 An error occurred while executing onMaxAttemptsReached callback: Error: The show must go on Suspicious Request /?page.html?name=../../etc/passwd, fragment is on blacklist (Path Traversal): "../"" from 127.0.0.1, reached threshold (1) Dropping request /?page.html?name=../../etc/passwd from 127.0.0.1 An error occurred while executing onMaxAttemptsReached callback: Error: The show must go on Suspicious Request /?page.html?name=" or "1"="1, fragment is on blacklist (SQL Injection): "" or "1"="1"" from 127.0.0.1, reached threshold (1) Dropping request /?page.html?name=" or "1"="1 from 127.0.0.1 An error occurred while executing onMaxAttemptsReached callback: Error: The show must go on Suspicious Request /?page.html?name=<script>alert("hello world")</script>, fragment is on blacklist (Reflected XSS): "<script"" from 127.0.0.1, reached threshold (1) Dropping request /?page.html?name=<script>alert("hello world")</script> from 127.0.0.1 An error occurred while executing onMaxAttemptsReached callback: Error: The show must go on Suspicious Request /?page.html?name=<ScRiPt, fragment is on blacklist (Reflected XSS): "<script"" from 127.0.0.1, reached threshold (1) Dropping request /?page.html?name=<ScRiPt from 127.0.0.1 An error occurred while executing onMaxAttemptsReached callback: Error: The show must go on Suspicious Request /?page.html?name=\x3cscript, fragment is on blacklist (Reflected XSS): "\x3cscript"" from 127.0.0.1, reached threshold (1) Dropping request /?page.html?name=\x3cscript from 127.0.0.1