PHP code example of protonemedia / laravel-xss-protection

1. Go to this page and download the library: Download protonemedia/laravel-xss-protection library. Choose the download type require.

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php. 
    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

protonemedia / laravel-xss-protection example snippets


use App\Http\Controllers\CreateAccountController;
use ProtoneMedia\LaravelXssProtection\Middleware\XssCleanInput;

Route::post('account', CreateAccountController::class)->middleware(XssCleanInput::class);


// inside app\Http\Kernel.php

protected $middleware = [
   // ...
   \ProtoneMedia\LaravelXssProtection\Middleware\XssCleanInput::class,
];


XssCleanInput::skipWhen(function (Request $request) {
    return $request->is('admin.*');
});


XssCleanInput::skipKeyWhen(function (string $key, $value, Request $request) {
    return in_array($key, [
        'current_password',
        'password',
        'password_confirmation',
    ]);
});


use Illuminate\Support\Facades\Event;
use ProtoneMedia\LaravelXssProtection\Events\MaliciousInputFound;

Event::listen(function (MaliciousInputFound $event) {
    $event->sanitizedKeys;
    $event->originalRequest;
    $event->sanitizedRequest;
});


'anti_xss' => [
    'evil' => [
        'attributes' => ['href'],
        'tags' => ['video'],
    ],

    'replacement' => '*redacted*',
]