Angel middleware designed to enhance application security.

Properties

DEFAULT_SANITIZERS → Map<Pattern, String> (read-only)

Functions

banIp(filter, {String message: 'Your IP address is forbidden from accessing this server.'}) → RequestMiddleware

Throws a 403 Forbidden if the user's IP is banned.

sanitizeHtmlInput({bool body: true, bool query: true, Map<Pattern, String> replace: const {}}) → RequestMiddleware

Mitigates XSS risk by sanitizing user HTML input.

setCsrfToken({String name: 'csrf_token', bool cookie: false}) → RequestHandler

Adds a CSRF token to the session, if none is present.

verifyCsrfToken({bool allowCookie: false, bool allowQuery: true, String name: 'csrf_token'}) → RequestMiddleware

Ensures that the request contains a correct CSRF token.