1 files changed, 126 insertions, 0 deletions

diff --git a/vnfmarket/src/main/webapp/vnfmarket/node_modules/csrf/README.md b/vnfmarket/src/main/webapp/vnfmarket/node_modules/csrf/README.md
new file mode 100644
index 00000000..537a02a9
--- /dev/null
+++ b/vnfmarket/src/main/webapp/vnfmarket/node_modules/csrf/README.md
@@ -0,0 +1,126 @@
+# CSRF
+
+[![NPM Version][npm-image]][npm-url]
+[![NPM Downloads][downloads-image]][downloads-url]
+[![Node.js Version][node-image]][node-url]
+[![Build Status][travis-image]][travis-url]
+[![Test Coverage][coveralls-image]][coveralls-url]
+
+Logic behind CSRF token creation and verification.
+
+Read [Understanding-CSRF](https://github.com/pillarjs/understanding-csrf)
+for more information on CSRF. Use this module to create custom CSRF middleware.
+
+Looking for a CSRF framework for your favorite framework that uses this
+module?
+
+  * Express/connect: [csurf](https://www.npmjs.com/package/csurf) or
+    [alt-xsrf](https://www.npmjs.com/package/alt-xsrf)
+  * Koa: [koa-csrf](https://www.npmjs.com/package/koa-csrf) or
+    [koa-atomic-session](https://www.npmjs.com/package/koa-atomic-session)
+
+### Install
+
+```bash
+$ npm install csrf
+```
+
+## API
+
+```js
+var Tokens = require('csrf')
+```
+
+### new Tokens([options])
+
+Create a new token generation/verification instance. The `options` argument is
+optional and will just use all defaults if missing.
+
+#### Options
+
+Tokens accepts these properties in the options object.
+
+##### saltLength
+
+The length of the internal salt to use, in characters. Internally, the salt
+is a base 62 string. Defaults to `8` characters.
+
+##### secretLength
+
+The length of the secret to generate, in bytes. Note that the secret is
+passed around base-64 encoded and that this length refers to the underlying
+bytes, not the length of the base-64 string. Defaults to `18` bytes.
+
+#### tokens.create(secret)
+
+Create a new CSRF token attached to the given `secret`. The `secret` is a
+string, typically generated from the `tokens.secret()` or `tokens.secretSync()`
+methods. This token is what you should add into HTML `<form>` blocks and
+expect the user's browser to provide back.
+
+```js
+var secret = tokens.secretSync()
+var token = tokens.create(secret)
+```
+
+#### tokens.secret(callback)
+
+Asynchronously create a new `secret`, which is a string. The secret is to
+be kept on the server, typically stored in a server-side session for the
+user. The secret should be at least per user.
+
+```js
+tokens.secret(function (err, secret) {
+  if (err) throw err
+  // do something with the secret
+})
+```
+
+#### tokens.secret()
+
+Asynchronously create a new `secret` and return a `Promise`. Please see
+`tokens.secret(callback)` documentation for full details.
+
+**Note**: To use promises in Node.js _prior to 0.12_, promises must be
+"polyfilled" using `global.Promise = require('bluebird')`.
+
+```js
+tokens.secret().then(function (secret) {
+  // do something with the secret
+})
+```
+
+#### tokens.secretSync()
+
+A synchronous version of `tokens.secret(callback)`. Please see
+`tokens.secret(callback)` documentation for full details.
+
+```js
+var secret = tokens.secretSync()
+```
+
+#### tokens.verify(secret, token)
+
+Check whether a CSRF token is valid for the given `secret`, returning
+a Boolean.
+
+```js
+if (!tokens.verify(secret, token)) {
+  throw new Error('invalid token!')
+}
+```
+
+## License
+
+[MIT](LICENSE)
+
+[npm-image]: https://img.shields.io/npm/v/csrf.svg
+[npm-url]: https://npmjs.org/package/csrf
+[node-image]: https://img.shields.io/node/v/csrf.svg
+[node-url]: https://nodejs.org/en/download/
+[travis-image]: https://img.shields.io/travis/pillarjs/csrf/master.svg
+[travis-url]: https://travis-ci.org/pillarjs/csrf
+[coveralls-image]: https://img.shields.io/coveralls/pillarjs/csrf/master.svg
+[coveralls-url]: https://coveralls.io/r/pillarjs/csrf?branch=master
+[downloads-image]: https://img.shields.io/npm/dm/csrf.svg
+[downloads-url]: https://npmjs.org/package/csrf