Nourishing Pizza Microservice
Miss any of our Open RFC calls?Watch the recordings here! »


1.3.0 • Public • Published


A sanitization module for the people. Built for use in the ApostropheCMS, useful for many other things.


Launder can be used to sanitize strings, integers, floats, urls, and more. It's best for cases where you've already used front-end validation to encourage smart input, and now you want to make sure your inputs are reasonable.

Launder does not always assume your data is a string, which makes it highly compatible with the use of JSON to deliver data from browser to server. For instance, launder.boolean accepts the actual JavaScript values true and false as well as various string representations.

Launder's support for dates and times permits users to enter both in colloquial formats like 8/25 or 3pm and "just does the right thing," converting to 2015-08-25 and 15:00:00 respectively.

In addition to sanitization methods, Launder does contain a few other tools, such as formatDate and formatTime which simply output a Date object in the 2015-08-25 and 15:00:00 formats.


var launder = require('launder')();'/form', function(req, res) {
  var units = launder.integer(req.body.units, 0, 0, 100);
  var birthdate =;

You can also specify global options:

var launder = require('launder')({
  filterTag: function(tag) { return tag.toLowerCase(); }

Frequently used methods

launder.string(s, def)

Converts s to a string. s is coerced to a string, then leading and trailing whitespace is trimmed. If def is provided, it is returned when the string is empty or the value passed is not a string. If def is undefined, empty strings are left alone, and values that are not strings become empty strings.


If arr is an array, each element is sanitized with launder.string, and a new array containing the result is returned. If arr is not an array, an empty array is returned.

launder.integer(i, def, min, max)

Converts i to an integer. i is first coerced to an integer, if needed; if it is an empty string, undefined or otherwise not convertible, def is returned. If min is provided, and the result would be less than min, min is returned. If max is provided, and the result would be greater than max, max is returned. If def is not provided, the default is 0. If a number has a fractional part it is discarded, not rounded.

launder.float(f, def, min, max)

Converts f to a floating-point number. f is first coerced to a floating-point number, if needed; if it is an empty string, undefined or otherwise not convertible, def is returned. If min is provided, and the result would be less than min, min is returned. If max is provided, and the result would be greater than max, max is returned. If def is not provided, the default is 0.

launder.url(s, def)

Attempts to ensure that s is a valid URL. This method allows only the http:, https:, ftp: and mailto: URL schemes, but does allow relative URLs, and attempts to automatically fix common user mistakes such as typing:


... Without supplying the http:.

s is first sanitized with launder.string().

def is returned if the input is an empty string, not convertible to a URL, or suspicious (such as a javascript: URL). Spaces are removed as they are ignored by browsers in a surprising number of situations., choices, def)

Sanitize a choice made via a select element. If choice is one of the choices, it is returned, otherwise def is returned. If choices is an array of objects, then choice is compared to the value property of each object to find a match.

Choices can be numbers or strings. The choices and the input value are compared as strings. The matching choice is returned with its original type.

launder.boolean(b, def)

Sanitize a boolean value.

If the value is any of the following, true is returned:

true 'true' 'True' 't' 'yes' 'Yes' 'y' '1' Any other string starting with t, y, T, Y, or 1) 1

Note that both the string '1' and the number 1 are accepted.

If b is not true or false, and launder.string(b) returns the empty string, then false is returned unless def is defined, in which case def is returned., def, now)

Converts d to a date string in YYYY-MM-DD format, such as 2015-02-20.

d must be either a string or a Date object, otherwise def is returned. If def is undefined, the current date is returned.

now can be the current date object for resolving ambiguous dates. If it is not provided, a new Date object is created.

The following date string formats are supported:

YYYY-MM-DD MM/DD/YYYY MM/DD/YY (*) MM/DD (implies current year)

(*) Implies the current century, unless the result would be more than 50 years in the future, in which case it implies the previous century. This works well for the popular usage of two-digit years. If it bothers you, use four-digit years!

launder.time(t, def)

Converts t to a time string in HH:MM:SS format, such as 16:30:00.

The following formats are accepted:

16:30:00 16:30 16 1pm 2:37am 2:37:12am 2PM (case insensitive, in general) 2p (m is optional) 2 pm (spaces don't matter) 4:30a

If launder.string(t) returns the empty string, def is returned. If def is not provided, the current time is returned.

launder.tags(arr, filter)

Sanitize an array of tags. All strings and numbers in the supplied array are passed through launder.string, then through filter. If filter is not passed, the filterTag function provided as an option when configuring launder is used. If that option is not passed, the default filterTag function is used.

The default filterTag function trims whitespace and converts to lowercase.

Any elements which have been laundered to the empty string are discarded., def)

Sanitize an ID. For our purposes an ID is made up of the characters A-Z, a-z, 0-9 and _. An ID may begin with any of these characters. An ID must contain at least one character. launder.string is first used to coerce s to a string.

If any of these criteria are not met, def is returned.


Sanitize an array of IDs. Each element is passed through Any IDs that do not meet the criteria are omitted from the returned array.

Miscellaneous methods

We use these a lot in Apostrophe, but they might not feel as relevant for other applications. Use them if you wish!

launder.addBooleanFilterCriteria(options, name, criteria, def)

Use a tri-state filter value such as 'true', 'false', or 'any' to build a MongoDB-style query criteria object.

options[name] should be a string such as 'true', 'false' or 'any'.

criteria[name] will then be set to true, { $ne: true }, or left entirely unset.

Any value accepted by launder.boolean is acceptable to specify true and false. Also, null is accepted as a synonym for 'any'.

If def is not specified, the default behavior is any.


Output the given Date object in YYYY-MM-DD format. This is the canonical date format for Apostrophe.


Output the given Date object in HH:mm:ss format. This is the canonical time format for Apostrophe.

launder.padInteger(i, places)

Pads the specified integer with leading zeroes to ensure it has at least places digits and returns the resulting string.


1.3.0: booleanOrNull accepts the string 'null' as a synonym for null. Note that 'any' was already accepted. 'null' can be an attractive choice when the user will not see it in the query string and conflict with other uses of 'any' is a concern.

1.2.0: idRegExp option may be passed to change the rules for

1.1.2: linting.

1.1.1: for improved bc, does not crash if some of the choices given to select are null or undefined. Although this is a developer error rather than a sanitization issue, versions prior to 1.1.0 did tolerate this situation, so 1.1.1 does so as well. Thanks to Anthony Tarlao for his code contributions, and to Michelin for making this fix possible via Apostrophe Enterprise Support.

1.1.0: now handles numeric values for choices gracefully. Specifically, if the value passed in is a string, it will be validated as a match for a choice that is a number, as long as they have the same string representation, and the number (not the string) will be returned. Previously there was no match in this situation.

Thanks to Michelin for making this possible via Apostrophe Enterprise Support.

1.0.1: launder.time will now also accept a . (dot) as the separator (until now only : colon was recognized). Thanks to Lars Houmark.

1.0.0: switched to a maintained, secure fork of lodash 3, declared 1.0.0 as this has been a stable part of Apostrophe for years.

0.1.3: launder.booleanOrNull broken out from launder.addBooleanFilterCriteria so that you can get the tri-state value without modifying a criteria object.

0.1.2: launder.tags also accepts a comma-separated string.

0.1.1: removed never-used and undocumented parseTime method.

0.1.0: initial release. Based on stable code recently refactored from Apostrophe 0.5.x.

About ApostropheCMS

launder was created for use in ApostropheCMS, an open-source content management system built on Node.js. If you like launder you should definitely check out Also be sure to visit us on github.


Feel free to open issues on github.


npm i launder

DownloadsWeekly Downloads






Unpacked Size

51.8 kB

Total Files


Last publish


  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar