Initial commit

node_modules/helmet-crossdomain/CHANGELOG.md

@@ -0,0 +1,12 @@
+# Changelog
+
+## 0.4.0 - 2019-06-15
+### Added
+- Added TypeScript type definitions. See [#7](https://github.com/helmetjs/crossdomain/issues/7)
+- Created a changelog
+- Added additional package metadata
+
+### Changed
+- Excluded some files from npm package
+
+Changes in versions 0.3.0 and below can be found in [Helmet's changelog](https://github.com/helmetjs/helmet/blob/master/CHANGELOG.md).

node_modules/helmet-crossdomain/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014-2019 Evan Hahn, Adam Baldwin
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

node_modules/helmet-crossdomain/README.md

@@ -0,0 +1,24 @@
+X-Permitted-Cross-Domain-Policies middleware
+============================================
+[![Build Status](https://travis-ci.org/helmetjs/crossdomain.svg?branch=master)](https://travis-ci.org/helmetjs/crossdomain)
+
+The `X-Permitted-Cross-Domain-Policies` header tells some web clients (like Adobe Flash or Adobe Acrobat) your domain's policy for loading cross-domain content. See the description on [OWASP](https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-Permitted-Cross-Domain-Policies) for more.
+
+Usage:
+
+```javascript
+const crossdomain = require('helmet-crossdomain')
+
+// Sets X-Permitted-Cross-Domain-Policies: none
+app.use(crossdomain())
+
+// You can use any of the following values:
+app.use(crossdomain({ permittedPolicies: 'none' }))
+app.use(crossdomain({ permittedPolicies: 'master-only' }))
+app.use(crossdomain({ permittedPolicies: 'by-content-type' }))
+app.use(crossdomain({ permittedPolicies: 'all' }))
+```
+
+The `by-ftp-type` is not currently supported. Please open an issue or pull request if you desire this feature!
+
+If you don't expect Adobe products to load data from your site, you get a minor security benefit by adding this header.

node_modules/helmet-crossdomain/dist/index.d.ts

@@ -0,0 +1,7 @@
+/// <reference types="node" />
+import { IncomingMessage, ServerResponse } from 'http';
+interface CrossDomainOptions {
+    permittedPolicies?: string;
+}
+declare const _default: (options?: CrossDomainOptions) => (_req: IncomingMessage, res: ServerResponse, next: () => void) => void;
+export = _default;

node_modules/helmet-crossdomain/dist/index.js

@@ -0,0 +1,29 @@
+"use strict";
+function getHeaderValueFromOptions(options) {
+    var DEFAULT_PERMITTED_POLICIES = 'none';
+    var ALLOWED_POLICIES = [
+        'none',
+        'master-only',
+        'by-content-type',
+        'all',
+    ];
+    var permittedPolicies;
+    if ('permittedPolicies' in options) {
+        permittedPolicies = options.permittedPolicies;
+    }
+    else {
+        permittedPolicies = DEFAULT_PERMITTED_POLICIES;
+    }
+    if (ALLOWED_POLICIES.indexOf(permittedPolicies) === -1) {
+        throw new Error("\"" + permittedPolicies + "\" is not a valid permitted policy. Allowed values: " + ALLOWED_POLICIES.join(', ') + ".");
+    }
+    return permittedPolicies;
+}
+module.exports = function crossdomain(options) {
+    if (options === void 0) { options = {}; }
+    var headerValue = getHeaderValueFromOptions(options);
+    return function crossdomain(_req, res, next) {
+        res.setHeader('X-Permitted-Cross-Domain-Policies', headerValue);
+        next();
+    };
+};

node_modules/helmet-crossdomain/package.json

@@ -0,0 +1,87 @@
+{
+  "_from": "helmet-crossdomain@0.4.0",
+  "_id": "helmet-crossdomain@0.4.0",
+  "_inBundle": false,
+  "_integrity": "sha512-AB4DTykRw3HCOxovD1nPR16hllrVImeFp5VBV9/twj66lJ2nU75DP8FPL0/Jp4jj79JhTfG+pFI2MD02kWJ+fA==",
+  "_location": "/helmet-crossdomain",
+  "_phantomChildren": {},
+  "_requested": {
+    "type": "version",
+    "registry": true,
+    "raw": "helmet-crossdomain@0.4.0",
+    "name": "helmet-crossdomain",
+    "escapedName": "helmet-crossdomain",
+    "rawSpec": "0.4.0",
+    "saveSpec": null,
+    "fetchSpec": "0.4.0"
+  },
+  "_requiredBy": [
+    "/helmet"
+  ],
+  "_resolved": "https://registry.npmjs.org/helmet-crossdomain/-/helmet-crossdomain-0.4.0.tgz",
+  "_shasum": "5f1fe5a836d0325f1da0a78eaa5fd8429078894e",
+  "_spec": "helmet-crossdomain@0.4.0",
+  "_where": "/home/runner/Socketio-Chat-Template/node_modules/helmet",
+  "author": {
+    "name": "Evan Hahn",
+    "email": "me@evanhahn.com",
+    "url": "https://evanhahn.com"
+  },
+  "bugs": {
+    "url": "https://github.com/helmetjs/crossdomain/issues",
+    "email": "me@evanhahn.com"
+  },
+  "bundleDependencies": false,
+  "deprecated": false,
+  "description": "Set the X-Permitted-Cross-Domain-Policies header in Express apps",
+  "devDependencies": {
+    "@types/connect": "^3.4.32",
+    "@types/jest": "^24.0.14",
+    "@types/supertest": "^2.0.7",
+    "@typescript-eslint/eslint-plugin": "^1.9.0",
+    "@typescript-eslint/parser": "^1.9.0",
+    "connect": "^3.7.0",
+    "eslint": "^5.16.0",
+    "eslint-config-helmet": "^0.2.0",
+    "jest": "^24.8.0",
+    "supertest": "^4.0.2",
+    "ts-jest": "^24.0.2",
+    "typescript": "^3.5.2"
+  },
+  "engines": {
+    "node": ">=4.0.0"
+  },
+  "files": [
+    "LICENSE",
+    "README.md",
+    "CHANGELOG.md",
+    "dist/index.js",
+    "dist/index.d.ts"
+  ],
+  "homepage": "https://helmetjs.github.io/docs/crossdomain/",
+  "keywords": [
+    "security",
+    "express",
+    "connect",
+    "crossdomain.xml",
+    "x-permitted-cross-domain-policies",
+    "flash"
+  ],
+  "license": "MIT",
+  "main": "./dist/index.js",
+  "name": "helmet-crossdomain",
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/helmetjs/crossdomain.git"
+  },
+  "scripts": {
+    "build": "npm run clean && tsc",
+    "clean": "rm -rf dist",
+    "lint": "eslint --fix '**/*.ts'",
+    "prepublishOnly": "npm run build",
+    "pretest": "npm run lint",
+    "test": "jest --config test/jest-config.json"
+  },
+  "typings": "./dist/index.d.ts",
+  "version": "0.4.0"
+}