129 lines
7.1 KiB
JSON
129 lines
7.1 KiB
JSON
{
|
|
"_args": [
|
|
[
|
|
{
|
|
"raw": "csrf@~3.0.0",
|
|
"scope": null,
|
|
"escapedName": "csrf",
|
|
"name": "csrf",
|
|
"rawSpec": "~3.0.0",
|
|
"spec": ">=3.0.0 <3.1.0",
|
|
"type": "range"
|
|
},
|
|
"/home/jdaugherty/work/GT2/GT2-Android/node_modules/csurf"
|
|
]
|
|
],
|
|
"_from": "csrf@>=3.0.0 <3.1.0",
|
|
"_id": "csrf@3.0.6",
|
|
"_inCache": true,
|
|
"_location": "/csrf",
|
|
"_nodeVersion": "4.7.3",
|
|
"_npmOperationalInternal": {
|
|
"host": "packages-18-east.internal.npmjs.com",
|
|
"tmp": "tmp/csrf-3.0.6.tgz_1489549463230_0.9222420507576317"
|
|
},
|
|
"_npmUser": {
|
|
"name": "dougwilson",
|
|
"email": "doug@somethingdoug.com"
|
|
},
|
|
"_npmVersion": "2.15.11",
|
|
"_phantomChildren": {},
|
|
"_requested": {
|
|
"raw": "csrf@~3.0.0",
|
|
"scope": null,
|
|
"escapedName": "csrf",
|
|
"name": "csrf",
|
|
"rawSpec": "~3.0.0",
|
|
"spec": ">=3.0.0 <3.1.0",
|
|
"type": "range"
|
|
},
|
|
"_requiredBy": [
|
|
"/csurf"
|
|
],
|
|
"_resolved": "https://registry.npmjs.org/csrf/-/csrf-3.0.6.tgz",
|
|
"_shasum": "b61120ddceeafc91e76ed5313bb5c0b2667b710a",
|
|
"_shrinkwrap": null,
|
|
"_spec": "csrf@~3.0.0",
|
|
"_where": "/home/jdaugherty/work/GT2/GT2-Android/node_modules/csurf",
|
|
"author": {
|
|
"name": "Jonathan Ong",
|
|
"email": "me@jongleberry.com",
|
|
"url": "http://jongleberry.com"
|
|
},
|
|
"bugs": {
|
|
"url": "https://github.com/pillarjs/csrf/issues"
|
|
},
|
|
"contributors": [
|
|
{
|
|
"name": "Douglas Christopher Wilson",
|
|
"email": "doug@somethingdoug.com"
|
|
}
|
|
],
|
|
"dependencies": {
|
|
"rndm": "1.2.0",
|
|
"tsscmp": "1.0.5",
|
|
"uid-safe": "2.1.4"
|
|
},
|
|
"description": "primary logic behind csrf tokens",
|
|
"devDependencies": {
|
|
"bluebird": "3.5.0",
|
|
"eslint": "3.17.1",
|
|
"eslint-config-standard": "7.0.1",
|
|
"eslint-plugin-markdown": "1.0.0-beta.4",
|
|
"eslint-plugin-promise": "3.5.0",
|
|
"eslint-plugin-standard": "2.1.1",
|
|
"istanbul": "0.4.5",
|
|
"mocha": "2.5.3"
|
|
},
|
|
"directories": {},
|
|
"dist": {
|
|
"shasum": "b61120ddceeafc91e76ed5313bb5c0b2667b710a",
|
|
"tarball": "https://registry.npmjs.org/csrf/-/csrf-3.0.6.tgz"
|
|
},
|
|
"engines": {
|
|
"node": ">= 0.8"
|
|
},
|
|
"files": [
|
|
"LICENSE",
|
|
"HISTORY.md",
|
|
"README.md",
|
|
"index.js"
|
|
],
|
|
"gitHead": "018ec746e8ce5dea10dda78a2480a0a9e756f1a8",
|
|
"homepage": "https://github.com/pillarjs/csrf#readme",
|
|
"keywords": [
|
|
"csrf",
|
|
"tokens"
|
|
],
|
|
"license": "MIT",
|
|
"maintainers": [
|
|
{
|
|
"name": "dougwilson",
|
|
"email": "doug@somethingdoug.com"
|
|
},
|
|
{
|
|
"name": "dwolla",
|
|
"email": "api@dwolla.com"
|
|
},
|
|
{
|
|
"name": "jongleberry",
|
|
"email": "jonathanrichardong@gmail.com"
|
|
}
|
|
],
|
|
"name": "csrf",
|
|
"optionalDependencies": {},
|
|
"readme": "# CSRF\n\n[![NPM Version][npm-image]][npm-url]\n[![NPM Downloads][downloads-image]][downloads-url]\n[![Node.js Version][node-image]][node-url]\n[![Build Status][travis-image]][travis-url]\n[![Test Coverage][coveralls-image]][coveralls-url]\n\nLogic behind CSRF token creation and verification.\n\nRead [Understanding-CSRF](https://github.com/pillarjs/understanding-csrf)\nfor more information on CSRF. Use this module to create custom CSRF middleware.\n\nLooking for a CSRF framework for your favorite framework that uses this\nmodule?\n\n * Express/connect: [csurf](https://www.npmjs.com/package/csurf) or\n [alt-xsrf](https://www.npmjs.com/package/alt-xsrf)\n * Koa: [koa-csrf](https://www.npmjs.com/package/koa-csrf) or\n [koa-atomic-session](https://www.npmjs.com/package/koa-atomic-session)\n\n### Install\n\n```sh\n$ npm install csrf\n```\n\n## API\n\n<!-- eslint-disable no-unused-vars -->\n\n```js\nvar Tokens = require('csrf')\n```\n\n### new Tokens([options])\n\nCreate a new token generation/verification instance. The `options` argument is\noptional and will just use all defaults if missing.\n\n#### Options\n\nTokens accepts these properties in the options object.\n\n##### saltLength\n\nThe length of the internal salt to use, in characters. Internally, the salt\nis a base 62 string. Defaults to `8` characters.\n\n##### secretLength\n\nThe length of the secret to generate, in bytes. Note that the secret is\npassed around base-64 encoded and that this length refers to the underlying\nbytes, not the length of the base-64 string. Defaults to `18` bytes.\n\n#### tokens.create(secret)\n\nCreate a new CSRF token attached to the given `secret`. The `secret` is a\nstring, typically generated from the `tokens.secret()` or `tokens.secretSync()`\nmethods. This token is what you should add into HTML `<form>` blocks and\nexpect the user's browser to provide back.\n\n<!-- eslint-disable no-undef, no-unused-vars -->\n\n```js\nvar secret = tokens.secretSync()\nvar token = tokens.create(secret)\n```\n\n#### tokens.secret(callback)\n\nAsynchronously create a new `secret`, which is a string. The secret is to\nbe kept on the server, typically stored in a server-side session for the\nuser. The secret should be at least per user.\n\n<!-- eslint-disable no-undef -->\n\n```js\ntokens.secret(function (err, secret) {\n if (err) throw err\n // do something with the secret\n})\n```\n\n#### tokens.secret()\n\nAsynchronously create a new `secret` and return a `Promise`. Please see\n`tokens.secret(callback)` documentation for full details.\n\n**Note**: To use promises in Node.js _prior to 0.12_, promises must be\n\"polyfilled\" using `global.Promise = require('bluebird')`.\n\n<!-- eslint-disable no-undef -->\n\n```js\ntokens.secret().then(function (secret) {\n // do something with the secret\n})\n```\n\n#### tokens.secretSync()\n\nA synchronous version of `tokens.secret(callback)`. Please see\n`tokens.secret(callback)` documentation for full details.\n\n<!-- eslint-disable no-undef, no-unused-vars -->\n\n```js\nvar secret = tokens.secretSync()\n```\n\n#### tokens.verify(secret, token)\n\nCheck whether a CSRF token is valid for the given `secret`, returning\na Boolean.\n\n<!-- eslint-disable no-undef -->\n\n```js\nif (!tokens.verify(secret, token)) {\n throw new Error('invalid token!')\n}\n```\n\n## License\n\n[MIT](LICENSE)\n\n[npm-image]: https://img.shields.io/npm/v/csrf.svg\n[npm-url]: https://npmjs.org/package/csrf\n[node-image]: https://img.shields.io/node/v/csrf.svg\n[node-url]: https://nodejs.org/en/download/\n[travis-image]: https://img.shields.io/travis/pillarjs/csrf/master.svg\n[travis-url]: https://travis-ci.org/pillarjs/csrf\n[coveralls-image]: https://img.shields.io/coveralls/pillarjs/csrf/master.svg\n[coveralls-url]: https://coveralls.io/r/pillarjs/csrf?branch=master\n[downloads-image]: https://img.shields.io/npm/dm/csrf.svg\n[downloads-url]: https://npmjs.org/package/csrf\n",
|
|
"readmeFilename": "README.md",
|
|
"repository": {
|
|
"type": "git",
|
|
"url": "git+https://github.com/pillarjs/csrf.git"
|
|
},
|
|
"scripts": {
|
|
"lint": "eslint --plugin markdown --ext js,md .",
|
|
"test": "mocha --trace-deprecation --reporter spec --bail --check-leaks test/",
|
|
"test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --trace-deprecation --reporter dot --check-leaks test/",
|
|
"test-travis": "istanbul cover node_modules/mocha/bin/_mocha --report lcovonly -- --trace-deprecation --reporter spec --check-leaks test/"
|
|
},
|
|
"version": "3.0.6"
|
|
}
|