| | xss-shield | js-xss |
|---|---|---|
| | 2 | 4 |
| Stars | 5 | 5,108 |
| Growth | - | - |
| Activity | 5.1 | 4.8 |
| | 11 months ago | 2 months ago |
| Language | TypeScript | HTML |
| License | MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
xss-shield
- Introducing xss-shield - protect your Express.js App from XSS Attacks
  GitHub: https://github.com/Louis3797/xss-shield
- Protect Your Express.js App from XSS Attacks
js-xss
- Introducing xss-shield - protect your Express.js App from XSS Attacks
  xss-shield is a powerful middleware package that helps you protect your express.js app from Cross-Site Scripting (XSS) attacks. It's built on top of the popular xss (https://www.npmjs.com/package/xss) package and includes additional features like strict typing
- Is there any package that trims html tags?
  I personally always tend to use this one. It's lightweight, configurable and has TypeScript support built in
- Storing user input html in a database for other users to see
  Searching for XSS specifically actually comes up with a few - https://www.npmjs.com/package/xss looks solid. I was being too literal in my search! Should have tried Bing.
- Browser extension - Integrate your features securely
  There are a few libraries you can use to protect from xss. For instance the xss library on npm.
What are some alternatives?
graphql-armor - 🛡️ The missing GraphQL security layer for Apollo GraphQL and Yoga / Envelop servers 🛡️
DOMPurify - DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
maestro-express-async-errors - Maestro is a layer of code that acts as a wrapper, without any dependencies, for async middlewares.
sanitize-html - Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance
foal - Full-featured Node.js framework, with no complexity. 🚀 Simple and easy to use, TypeScript-based and well-documented.
xss-filters