A Laravel middleware to cleaning all inputs/data of request from XSS and embed elements, its used Security Core package by Graham Campbell under the hook.
| Laravel | laravel-modules |
|---|---|
| 5.8 | ^1.0 |
| 6.X-8.X | ^2.0 |
| 9.X | ^3.0 |
| 10.X | ^4.0 |
composer require alkhwlani/xss-middleware
That's it! by default package automatic register a global middleware to cleaning all string inputs for all requests.
if you are not using automatic package discovery, then add the service provider in config/app.php:
\Alkhwlani\XssMiddleware\ServiceProvider::class,if you want customizes configuration you can publish the configuration
$ php artisan vendor:publish --provider="\Alkhwlani\XssMiddleware\ServiceProvider"Then check the content of the published config file config/xss-middleware.php.
Run the tests with:
vendor/bin/phpunitPlease see CONTRIBUTING for details.
If you discover any security-related issues, please email [email protected] instead of using the issue tracker.
The MIT License (MIT). Please see License File for more information.