tl-shared-security/dist/frontend/csp-config.d.ts

Enterprise-grade security module for frontend and backend applications with comprehensive protection against XSS, CSRF, SQL injection, and other security vulnerabilities

export interface CspDirectives {
    defaultSrc?: string[];
    scriptSrc?: string[];
    styleSrc?: string[];
    imgSrc?: string[];
    connectSrc?: string[];
    fontSrc?: string[];
    objectSrc?: string[];
    mediaSrc?: string[];
    frameSrc?: string[];
    childSrc?: string[];
    workerSrc?: string[];
    frameAncestors?: string[];
    formAction?: string[];
    manifestSrc?: string[];
    baseUri?: string[];
    reportUri?: string;
    reportTo?: string;
}
export interface CspOptions {
    directives?: CspDirectives;
    reportOnly?: boolean;
    enabled?: boolean;
}
export declare class CspConfig {
    private options;
    constructor(options?: CspOptions);
    /**
     * Generates a CSP header value
     * @returns CSP header value
     */
    generateHeaderValue(): string;
    /**
     * Applies CSP to the document using a meta tag
     * Only works in browser environment
     */
    applyToDocument(): void;
    /**
     * Gets the CSP headers for server-side rendering
     * @returns Object with CSP headers
     */
    getHeaders(): Record<string, string>;
    /**
     * Creates a nonce for use with CSP
     * @returns Random nonce string
     */
    static generateNonce(): string;
}
export declare const cspConfig: CspConfig;
//# sourceMappingURL=csp-config.d.ts.map