UNPKG

tezx

Version:

TezX is a high-performance, lightweight JavaScript framework designed for speed, scalability, and flexibility. It enables efficient routing, middleware management, and static file serving with minimal configuration. Fully compatible with Node.js, Deno, an

github.com/tezxjs/TezX/issues

tezxjs/TezX

53 lines (52 loc) โ€ข 1.67 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
import { Middleware } from "../types/index.js"; export type SanitizeHeadersOptions = { /** * ๐ŸŸข Whitelist of allowed headers (case-insensitive) * @default [] (allow all if empty) * @example * whitelist: ['content-type', 'authorization'] // Only allow these headers */ whitelist?: string[]; /** * ๐Ÿ”ด Blacklist of disallowed headers (case-insensitive) * @default [] (block none if empty) * @example * blacklist: ['x-powered-by', 'server'] // Block server info headers */ blacklist?: string[]; /** * ๐Ÿ”ต Normalize header keys to lowercase * @default true * @example * normalizeKeys: false // Preserve original header case */ normalizeKeys?: boolean; /** * ๐ŸŸ  Allow potentially unsafe characters in header values * @default false * @warning Enabling this may reduce security * @example * allowUnsafeCharacters: true // Allow CR/LF in headers */ allowUnsafeCharacters?: boolean; }; /** * ๐Ÿงผ Middleware to sanitize HTTP headers for security and compliance * * Removes dangerous headers, enforces allow/block lists, and normalizes headers. * Protects against header injection and information leakage. * * @param {SanitizeHeadersOptions} [options={}] - Configuration options * @returns {Middleware} Middleware function * * @example * // Basic usage with defaults * app.use(sanitizeHeaders()); * * // Strict configuration * app.use(sanitizeHeaders({ * whitelist: ['accept', 'content-type'], * normalizeKeys: true * })); */ export declare const sanitizeHeaders: (options?: SanitizeHeadersOptions) => Middleware;