Host Validation Middleware
JSON →host-validation-middleware is an npm package providing Connect/Express-compatible middleware designed to protect against DNS rebinding attacks by validating the `Host` header in incoming HTTP requests. The current stable version is 0.1.4, indicating it's still in an early development phase but receives maintenance patches. It differentiates itself by offering flexible host matching, including subdomain wildcard support (e.g., `.mydomain.com`), and automatically allowing `localhost` and IP addresses which are not susceptible to DNS rebinding. While crucial for HTTP development environments, the package explicitly notes that its utility is significantly reduced for HTTPS production sites, as DNS rebinding attacks are generally ineffective against encrypted connections. Its core logic is inspired by the `allowedHosts` option found in `webpack-dev-server`.
Traffic · last 30 days ↓50% vs prev 7d
top countries 🇺🇸 United States · 🇨🇦 Canada · 🇫🇮 Finland · 🇩🇪 Germany · 🇫🇷 France