Eslint-plugin-no-unsanitized Alternatives
Similar projects and alternatives to eslint-plugin-no-unsanitized
- big-list-of-naughty-strings: The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
- java-html-sanitizer: Takes third-party HTML and produces HTML that is safe to embed in your web application. Fast and easy to configure.
- bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
- You-Dont-Need-Lodash-Underscore: List of JavaScript methods which you can use natively + ESLint Plugin
eslint-plugin-no-unsanitized reviews and mentions
- Escaping user input is ridonkulously hard
Prevent any uses of setting innerHTML or similar functions e.g. via an eslint plugin.
- HTML Sanitizer API
Great point!
I wanted to edit the comment to change (1) to (server/client) but I passed my edit timeout.
I would include your (5) within (1). `textContent` and other DOM methods like `setAttribute` are effectively secure output-escaping on the client.
Your (5a) is an excellent extra measure. In this area, I'd also add security-focused linting for (1) and (5)–e.g. for (5), to ensure secure DOM methods are used, I use Mozilla's `eslint-plugin-no-unsanitized`[0] plugin for all my personal & work projects.
[0] https://github.com/mozilla/eslint-plugin-no-unsanitized/
Stats
mozilla/eslint-plugin-no-unsanitized is an open source project licensed under Mozilla Public License 2.0 which is an OSI approved license.
The primary programming language of eslint-plugin-no-unsanitized is JavaScript.