Nexium Security

Middlewares

Security Middlewares for Nodejs Expressjs applications

Import the NMiddleware

const { NMiddleware } = require('nexium-security')

sanitizeInput

const express = require('express')
const app = express()
app.use(NMiddleware.sanitizeInput)

filterRequest

filter request for IPs and Domains. if the host or ip is in the filter list, it will returns 403

NMiddleware.setupFilters(['192.168.1.1', '203.0.113.0'], ['malicious.com', 'badactor.net'])
app.use(NMiddleware.filterRequest)

headerInspection

Middleware for HTTP Header Inspection to validate and filter HTTP headers for anomalies

  • Block insecure or malicious headers.
  • Add security headers like Strict-Transport-Security (HSTS).
app.use(NMiddleware.headerInspection)

csrfMiddleware

CSRF (Cross-Site Request Forgery) protection middleware that generates and validates tokens for client-side rendered (CSR) applications. It helps prevent unauthorized cross-origin requests by requiring a valid CSRF token in non-GET requests.

app.use(NMiddleware.csrfMiddleware('dynamic-secret-key'))

secure_session

const cookieParser = require('cookie-parser')
 
app.use(cookieParser())
app.use(NMiddleware.secure_session)
 
// generate/validate sessionId
const sessionId = NMiddleware.generateSessionIdFn()
 
const validateSession = NMiddleware.validateSessionFn(sessionId) // true /false

Previous

Installation

Next

Stream Cipher

On this page