#### Goals

* Provide secure defaults out-of-the-box
* Provide clear and concise guidance for application developers

#### References

* [XSS (Cross Site Scripting) Prevention Cheat Sheet](https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#Bonus_Rule_.231:_Use_HTTPOnly_cookie_flag)
* [Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet](https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Encrypted_Token_Pattern)
* [helmetjs/helmet](https://github.com/helmetjs/helmet)
* [expressjs/csurf](https://github.com/expressjs/csurf)
* [Cross-Site Request Forgery Mitigation for Express.js Apps Made Easy Using The Same-Site Cookie Flag](https://medium.com/node-security/cross-site-request-forgery-mitigation-for-express-js-apps-made-easy-using-the-same-site-cookie-flag-e19ee7d5b513)
* [We’re under attack! 23+ Node.js security best practices](https://medium.com/@nodepractices/were-under-attack-23-node-js-security-best-practices-e33c146cb87d)