XSS

Escape a string for use in HTML or the inverse

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in JavaScript and works in all modern browsers (Safari, Opera (15+), Internet Explorer (10+), Firefox and Chrome - as well as almost anything else usin

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

Sanitize untrusted CSS with a configuration specified by a Whitelist. 根据白名单过滤CSS

Content Security Policy middleware

Middleware to disable the X-XSS-Protection header

Express middleware for the validator module.

hast utility to sanitize nodes

Makes it possible to use DOMPurify on server and client in the same way.

Secure XSS Filters - Just sufficient output filtering to prevent XSS!

rehype plugin to sanitize HTML

Validates XSS related issues of mixing HTML and non-HTML content in variables.

Node.js agent for Sqreen, please see https://www.sqreen.io/

Safe replacement for the v-html directive

middleware to sanitize user input

Jam3 eslint plugin for react

Express middleware for the sanitizer module.

Express 4.x middleware which sanitizes user input data (in req.body, req.query, req.headers and req.params) to prevent Cross Site Scripting (XSS) attack.

XSS filter extension for showdown

TypeScript definitions for Yahoo XSS Filters

Ember addon to help purify DOM content

Various XSS-hunter ESLint rules

Escape string for use in html

Disallow jQuery functions with XSS potential.

一个开箱即用的Vue.js插件，可通过简单的方式防止XSS攻击

General purpose I/O module to add following http headers to keep your webpages securing them from malware attacks. This module can be used with any node http server.

A support package for web developer.

Vue.js 2.x and 3.x plugin to add HTML secure directives v-html-remove, v-html-escape, v-html-safe

A modern oembed client. Allows you to register filters to improve or supply oembed support for sites that don't normally have it. You can also supply a allowlist of services you trust to prevent XSS attacks.

Various sanitizer, escaper, encoder, and utilities to prevent XSS

XSS Secure

automatic sanitization of req body fields, params and query. uses caja. automatically does sanitization and escaping as middleware.

Escapes content for prevention of XSS (Cross Site Scripting) attacks.

Safely strip DOM tags from a HTML string to prevent XSS attacks.

a small script to remove script tags from SVGs

Anti-XSS filters for security

A JS lib base on Vue and View-design, you can achieve some complex functions with simple code after install this lib.

merge to `w-statistic`

Markdown to HTML using marked and DOMPurify. Safe by default.

Express middleware for the sanitizer module using Caja's HTML Sanitizer and HTML escape using htmlencode.

A webpack plugin that adds a hash-based strict CSP to help protect your site against XSS attacks.

A set of malicious payloads for XSS testing

Express middleware for the sanitizer module using Caja's HTML Sanitizer.

To prevent from xss and to make secure build

Breakpoints at 480px and 384px for Bootstrap 3

Mongoose Sanitizer Plugin

This package helps to filter the input text that is malicious and intended to attack the server.

Koa middleware for the validator module.

Express middleware that detects malicious requests, like XSS or Path Traversal

Class-based sanitization in TypeScript using decorators