From 18dcbec3a5a99a57d0ef43a06a99c2ab17c2eed6 Mon Sep 17 00:00:00 2001
From: "Rotundo, Al (ar3165)" <ar3165@att.com>
Date: Wed, 31 Jul 2019 14:46:56 +0000
Subject: Added new modules to help prevent Cross Site Request Forgery

Made changes to prevent arbitrary code exection on AdmPortal.
Issue-ID: OJSI-40

Change-Id: I5ec60e2585413f3948c2540bd502dd1393794267
Signed-off-by: Rotundo, Al (ar3165) <ar3165@att.com>

Former-commit-id: 3d54c9ad35ef5e7a4b13948e718a4ad2830cbb04
---
 admportal/package.json | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'admportal/package.json')

diff --git a/admportal/package.json b/admportal/package.json
index f30d0599..6274d72d 100644
--- a/admportal/package.json
+++ b/admportal/package.json
@@ -12,12 +12,16 @@
     "bootstrap-submenu": "^2.0.3",
     "bootstrap-table": "^1.9.1",
     "cookie-parser": "~1.3.3",
+    "crypto": "^1.0.1",
+    "csurf": "^1.10.0",
     "csv": "^0.4.1",
     "csvtojson": "^0.5.3",
     "dateformat": "^1.0.11",
     "debug": "~2.0.0",
+    "dns-sync": "~0.1.3",
     "ejs": "~0.8.5",
     "express": "~4.9.0",
+    "express-sanitizer": "^1.0.5",
     "express-session": "^1.10.1",
     "fs.extra": "^1.3.2",
     "lodash": "^3.8.0",
@@ -30,7 +34,6 @@
     "properties-reader": "0.0.9",
     "sax": "^0.6.1",
     "serve-favicon": "~2.1.3",
-    "xml2js": "^0.4.5",
-    "dns-sync": "~0.1.3"
+    "xml2js": "^0.4.5"
   }
 }
-- 
cgit 1.2.3-korg