Storing user input HTML in a database for other users to see
1 project | reddit.com/r/webdev | 29 Nov 2021
Searching for XSS specifically actually comes up with a few - https://www.npmjs.com/package/xss looks solid. I was being too literal in my search! Should have tried Bing.
Browser extension - Integrate your features securely
2 projects | dev.to | 16 Feb 2021
There are a few libraries you can use to protect from XSS. For instance the xss library on npm.
We haven't tracked posts mentioning xss-filters yet.
Tracking mentions began in Dec 2020.
What are some alternatives?
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks.
sanitize-html - Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance
SuperTokens Community - Open source alternative to Auth0 / Firebase Auth / AWS Cognito
openzeppelin-contracts - OpenZeppelin Contracts is a library for secure smart contract development.
Themis - Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
KeeWeb - Free cross-platform password manager compatible with KeePass
smart-contract-best-practices - A guide to smart contract security best practices