Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/haimkastner/generic-json-sanitizer

Generic JSON sanitizer is a very small generic JSON sanitizer with express middleware support using 'sanitize-html'
https://github.com/haimkastner/generic-json-sanitizer

express expressjs nodejs typescript

Last synced: about 17 hours ago
JSON representation

Generic JSON sanitizer is a very small generic JSON sanitizer with express middleware support using 'sanitize-html'

Host: GitHub
URL: https://github.com/haimkastner/generic-json-sanitizer
Owner: haimkastner
License: mit
Created: 2019-02-24T01:09:33.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2024-03-09T19:25:12.000Z (8 months ago)
Last Synced: 2024-10-13T03:40:07.869Z (about 1 month ago)
Topics: express, expressjs, nodejs, typescript
Language: TypeScript
Homepage: https://www.npmjs.com/package/generic-json-sanitizer
Size: 72.3 KB
Stars: 3
Watchers: 1
Forks: 0
Open Issues: 3
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # generic-json-sanitizer

Generic json sanitizer is very small generic json sanitizer with express middleware support using 'sanitize-html',

by walking on json tree and cleaning any string.

[![Build & Test Status](https://github.com/haimkastner/generic-json-sanitizer/workflows/generic-json-sanitizer/badge.svg?branch=master)](https://github.com/haimkastner/generic-json-sanitizer/actions)

## Install via NPM:

```bash 

npm install generic-json-sanitizer

```

The sanitizer using [sanitize-html](https://github.com/punkave/sanitize-html) API.

And sanitize option is [IOptions](https://github.com/DefinitelyTyped/DefinitelyTyped/blob/master/types/sanitize-html/index.d.ts).

> Pay attention! The async API uses the JS Worker Thread API- this means Node.JS >= 14 is required and may also cause issues with Webpack bundling.

This does NOT affect the synchronous API.

## Simple using.

```typescript

import { sanitizeJsonSync } from 'generic-json-sanitizer';

const dirtySchema: any = {

    a: 5555,

    b: 'alert("hello");',

    c: {

        d: '',

        e: 'hello,; : world--= :',

        f: 54435622

    },

    g: [

        '<script>alert("hello"); world',

        {

            h: 'hello alert("world");'

        }

    ]

};

const cleanOptions = {

    allowedAttributes: {},

    allowedTags: [],

}

/** Clean sync dirty schema */

sanitizeJsonSync(dirtySchema, cleanOptions)

console.log(`Sanitized schema: ${JSON.stringify(dirtySchema)}`);

/** Clean big schema async */

sanitizeJsonAsync(bigDirtySchema, cleanOptions)

    .then((sanitizeSchema: any) => {

        console.log(`Async Sanitized schema sample: ${JSON.stringify(sanitizeSchema[55])}`);

    });

```

## Using as express middleware

```typescript

import { sanitizeExpressMiddleware } from 'generic-json-sanitizer';

import * as express from 'express';

const app = express();

/** For default options */

app.use(sanitizeExpressMiddleware);

/** To sanitize big schema, you can use async sanitizer */

app.use(sanitizeExpressMiddlewareAsync);

/** Set 'sanitize-html' options */

app.use((request: express.Request, response: express.Response, next: express.NextFunction) => {

    sanitizeExpressMiddleware(request, response, next, {

        allowedAttributes: {},

        allowedTags: [],

    })

}); 

```

> Async supports only from Node 13.

For real example see `src/example` folder.