npm
Sign UpSign In

express-html-sanitizer

1.0.1 • Public • Published

express-html-sanitizer

express-html-sanitizer provides a middleware for Express JS to cleanup/sanitize JSON request body in express RESTful Service or in any JSON input containing unwanted HTML tags.

express-html-sanitizer uses excellent sanitize-html module recursively for sanitizing JSON data with unwanted HTML tags. You can put this middleware at root level to sanitize request body and provide a clean html sanitized payload for next middleware.

Requirements

express-html-sanitizer is intended for use with Express JS as a middleware. That's pretty much it. express-html-sanitizer is built on the excellent sanitize-html module.

How to use

Install module:

npm install express-html-sanitizer

Import the module:

const sanitizer  = require('express-html-sanitizer')

Get the middleware:

const sanitizeReqBody = sanitizer();

you can make some configuration for allowed tags and other like exactly sanitize-html and pass it as argument to get configured middleware. For details configuration you can see sanitize-html module documentation.

config = {
	allowedTags:  [  'b',  'i',  'em',  'strong',  'a'  ],
	allowedAttributes:  {'a':  [  'href'  ] },
	allowedIframeHostnames:  ['www.youtube.com']
}
const sanitizeReqBody = sanitizer(config);

Add a json body-parser middleware

app.use(require('body-parser').json());

Now use it in your Express App .

app.use(sanitizeReqBody);

Boom!!

Full Example

const express = require('express');
const sanitizer = require('express-html-sanitizer');
const app = express();

//Make some custom configuration if you want(optional)
config = {
	allowedTags:  [  'b',  'i',  'em',  'strong',  'a'  ],
	allowedAttributes:  {'a':  [  'href'  ] },
	allowedIframeHostnames:  ['www.youtube.com']
}

//Get the middleware
const sanitizeReqBody = sanitizer(config);

//Add body-parser middleware
app.use(require('body-parser').json());

//Add express-html-sanitizer middleware
app.use(sanitizeReqBody);

app.post('/post', (req, res, next) => {
	//get sanitized req.body
})

app.listen(8080, ()=> {
	console.log("Express server started");
})

Support

Fell free to open issues on github

Readme

Keywords

Package Sidebar

Install

npm i express-html-sanitizer

Repository

github.com/shohidulbari/express-html-sanitizer

Homepage

github.com/shohidulbari/express-html-sanitizer#readme

Weekly Downloads

15,869

Version

1.0.1

License

MIT

Unpacked Size

5.08 kB

Total Files

4

Last publish

Collaborators

  • sbr35
Try on RunKit
Report malware