Saturday, April 27, 2019

php - nodejs filtering inputs




In PHP to filter inputs data I use functions
htmlspecialchars and mysql_real_escape_string. Is there any functions like this in nodejs?



I need to check all inputs in my rounter functions to prevent hacker attacks like xss.
Thanks!


Answer



node-validator is the perfect library for this, it has many functions for both validation and sanitation / filtering, for example: 



entityDecode()                  //Decode HTML entities

entityEncode()
xss()                           //Remove common XSS attack vectors from text (default)
xss(true)                       //Remove common XSS attack vectors from images


or



contains(str)
notContains(str)
regex(pattern, modifiers)       //Usage: regex(/[a-z]/i) or regex('[a-z]','i')

notRegex(pattern, modifiers)
len(min, max)                   //max is optional
isUUID(version)                 //Version can be 3 or 4 or empty, see http://en.wikipedia.org/wiki/Universally_unique_identifier
isDate()                        //Uses Date.parse() - regex is probably a better choice
isAfter(date)                   //Argument is optional and defaults to today
isBefore(date)                  //Argument is optional and defaults to today
isIn(options)                   //Accepts an array or string

-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

plot explanation - Why did Peaches' mom hang on the tree? - Movies & TV

In the middle of the movie Ice Age: Continental Drift Peaches' mom asked Peaches to go to sleep. Then, she hung on the tree. This parti...