InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now. Learn more →
Top 7 JavaScript Xss Projects
-
DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Let's take a look at how we implement sanitization in the secure version of our vulnerable application. Since this application is primarily written using JavaScript, we use the dompurify library for the client side and the isomorphic-dompurify library for server-side sanitization. In the app.js program that acts as our web server, you will find an express endpoint /sanitized with a GET and POST implementation:
-
SurveyJS
JavaScript Form Builder with No-Code UI & Built-In JSON Schema Editor. Add the SurveyJS white-label form builder to your JavaScript app (React/Angular/Vue3). Build complex JSON forms without coding. Fully customizable, works with any backend, perfect for data-heavy apps. Learn more.
-
-
Tiny-XSS-Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
-
-
Project mention: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger | news.ycombinator.com | 2025-02-19
> In each of the fake group invites, JavaScript code that typically redirects the user to join a Signal group has been replaced by a malicious block containing the Uniform Resource Identifier (URI) used by Signal to link a new device to Signal (i.e., "sgnl://linkdevice?uuid="), tricking victims into linking their Signal accounts to a device controlled by UNC5792.
Missing from their recommendations: Install No Script: https://noscript.net/
-
-
-
Civic Auth
Auth in Less Than 5 Minutes. Civic Auth comes with multiple SSO options, optional embedded wallets, and user management — all implemented with just a few lines of code. Start building today.
JavaScript Xss discussion
JavaScript Xss related posts
-
Your rich text could be a cross-site scripting vulnerability
-
How to use Tor - Part 1 - Motivation
-
Understanding Cross-Site Scripting (XSS): A Quick Reference
-
How to Encrypt JavaScript Code for Web Security
-
Securing JavaScript Applications: Common Vulnerabilities and How to Avoid Them
-
Mitigate XSS exploits when using React's `dangerously SetInnerHTML`
-
Navigating the Security Risks of Arbitrary Values in Tailwind CSS
-
A note from our sponsor - InfluxDB
www.influxdata.com | 15 May 2025
Index
What are some of the best open-source Xss projects in JavaScript? This list will help you:
# | Project | Stars |
---|---|---|
1 | DOMPurify | 15,114 |
2 | AwesomeXSS | 4,910 |
3 | Tiny-XSS-Payloads | 2,088 |
4 | HackVault | 1,985 |
5 | noscript | 917 |
6 | isomorphic-dompurify | 472 |
7 | sanitizer-polyfill | 67 |