Initial commit

node_modules/x-xss-protection/dist/index.d.ts

@@ -0,0 +1,9 @@
+/// <reference types="node" />
+import { IncomingMessage, ServerResponse } from 'http';
+interface XXssProtectionOptions {
+    mode?: 'block' | null;
+    reportUri?: string;
+    setOnOldIE?: boolean;
+}
+declare const _default: (options?: XXssProtectionOptions) => (_req: IncomingMessage, res: ServerResponse, next: () => void) => void;
+export = _default;

node_modules/x-xss-protection/dist/index.js

@@ -0,0 +1,50 @@
+"use strict";
+function doesUserAgentMatchOldInternetExplorer(userAgent) {
+    if (!userAgent) {
+        return false;
+    }
+    var matches = /msie\s*(\d{1,2})/i.exec(userAgent);
+    return matches ? parseFloat(matches[1]) < 9 : false;
+}
+function getHeaderValueFromOptions(options) {
+    var directives = ['1'];
+    var isBlockMode;
+    if ('mode' in options) {
+        if (options.mode === 'block') {
+            isBlockMode = true;
+        }
+        else if (options.mode === null) {
+            isBlockMode = false;
+        }
+        else {
+            throw new Error('The `mode` option must be set to "block" or null.');
+        }
+    }
+    else {
+        isBlockMode = true;
+    }
+    if (isBlockMode) {
+        directives.push('mode=block');
+    }
+    if (options.reportUri) {
+        directives.push("report=" + options.reportUri);
+    }
+    return directives.join('; ');
+}
+module.exports = function xXssProtection(options) {
+    if (options === void 0) { options = {}; }
+    var headerValue = getHeaderValueFromOptions(options);
+    if (options.setOnOldIE) {
+        return function xXssProtection(_req, res, next) {
+            res.setHeader('X-XSS-Protection', headerValue);
+            next();
+        };
+    }
+    else {
+        return function xXssProtection(req, res, next) {
+            var value = doesUserAgentMatchOldInternetExplorer(req.headers['user-agent']) ? '0' : headerValue;
+            res.setHeader('X-XSS-Protection', value);
+            next();
+        };
+    }
+};