node-soc-lite/lib/patterns.js

A security middleware for NodeJs(express) app to Detect OWASP Top Basic and generate report in your ThreatEquation dashboard.

/*var patterns_xss = [/((\%3C)|<)((\%2F)|\/)*[a-z0-9\%]+((\%3E)|>)/ix,
/((\%3C)|<)((\%69)|i|(\%49))((\%6D)|m|(\%4D))((\%67)|g|(\%47))[^\n]+((\%3E)|>)/I,
/((\%3C)|<)[^\n]+((\%3E)|>)/I];


*/
var p = [];

p.xss = function(){
   xss =  /[&<>"'`](?:\x00|^-*!?>|--!?>|--?!?$|\]>|\]$)(?:^$|[\x00\x09-\x0D "'`=<>])[\x00-\x2F\x3A-\x40\x5B-\x60\x7B-\xFF][\x00-\x2F\x3A-\x40\x5B-\x60\x7B-\xFF\u2028\u2029]\x00-\x2F\x3A-\x40\x5B-\x60\x7B-\xFF]/g;
   return xss;
}  

module.exports = p;