js-xss
smart-contract-best-practices
js-xss | smart-contract-best-practices |
---|---|
4 | 15 |
4,847 | 6,606 |
- | 2.2% |
5.6 | 3.3 |
2 months ago | about 1 month ago |
HTML | HTML |
GNU General Public License v3.0 or later | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
js-xss
- Introducing xss-shield - protect your Express.js App from XSS Attacks
  xss-shield is a powerful middleware package that helps you protect your express.js app from Cross-Site Scripting (XSS) attacks. It's built on top of the popular xss (https://www.npmjs.com/package/xss) package and includes additional features like strict typing
- Browser extension - Integrate your features securely
  There are a few libraries you can use to protect from xss. For instance the xss library on npm.
smart-contract-best-practices
- Solidity security reviews?
- Want to learn blockchain development but confused
  Then I delved into best practises (https://consensys.github.io/smart-contract-best-practices/) and patterns (https://fravoll.github.io/solidity-patterns/) to improve.
- Blockchain Dev
  Consensys' Smart Contract Best Practices is a good start for security related stuff (super important because you'll be dealing with people's money in smart contracts) https://consensys.github.io/smart-contract-best-practices/
- Websites to practice white hat/ how to get into contract security?
- My journey from Web Dev to Web 3.0 Dev - Part 1
  Solidity basics and best practices
- Contract example with best practices?
- RESOURCES I USED TO LEARN BLOCKCHAIN/SMART CONTRACT PROGRAMMING
  Smart Contracts Best Practices
- Web3.0 Resources
- Where to start with blockchain technologies?
  Tooling and best practices: https://github.com/ConsenSys/ethereum-developer-tools-list https://github.com/ConsenSys/smart-contract-best-practices
What are some alternatives?
DOMPurify - DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
sanitize-html - Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance
xss-filters
Themis - Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Retire.js - scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
cidaas SDK for JS - cidaas JavaScript SDK
showdown - A bidirectional Markdown to HTML to Markdown converter written in Javascript
SuperTokens Community - Open source alternative to Auth0 / Firebase Auth / AWS Cognito
web3j - Lightweight Java and Android library for integration with Ethereum clients
openzeppelin-contracts - OpenZeppelin Contracts is a library for secure smart contract development.
mythril - Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains.
openzeppelin-contracts-upgradeable - Upgradeable variant of OpenZeppelin Contracts, meant for use in upgradeable contracts.