XSS Sanitizer

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in JavaScript and works in all modern browsers (Safari, Opera (15+), Internet Explorer (10+), Firefox and Chrome - as well as almost anything else usin

Escape a string for use in HTML or the inverse

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

Sanitize untrusted CSS with a configuration specified by a Whitelist. 根据白名单过滤CSS

Makes it possible to use DOMPurify on server and client in the same way.

Express middleware for the validator module.

hast utility to sanitize nodes

rehype plugin to sanitize HTML

Secure XSS Filters - Just sufficient output filtering to prevent XSS!

Middleware to sanitize user input

Express 4.x and 5.x middleware which sanitizes user input data (in req.body, req.query, req.headers and req.params) to prevent Cross Site Scripting (XSS) attack.

💎 Isomorphic html sanitizer by DOMPurify + sanitize-html

💎 Safe html expansion for Svelte with universal-sanitize

a small script to remove script tags from SVGs

Express middleware for the sanitizer module.

An express middleware inspired from express-sanitizer but additionally sanitizes URL params. It also gives an option to provide a preprocessor function to decide whether a (key, value) pair should be sanitized or not.

a complete package to control user input data to prevent Cross Site Scripting (XSS) ,Sql injection and no Sql injection attack

Markdown to HTML using marked and DOMPurify. Safe by default.

This module Sanitizes HTML input, stripping all tags and attributes that aren't whitelisted.HTML sanitization can be used to protect against cross-site scripting (XSS) attacks by sanitizing any HTML code submitted by a user.

💎 Use DOMPurify for some context by conditional exports

Various sanitizer, escaper, encoder, and utilities to prevent XSS

Filter and sanitize HTML input

This package helps to filter the input text that is malicious and intended to attack the server.

Express middleware for the sanitizer module using Caja's HTML Sanitizer and HTML escape using htmlencode.

Mongoose Sanitizer Plugin

Express middleware for the sanitizer module using Caja's HTML Sanitizer.

automatic sanitization of req body fields, params and query. uses caja. automatically does sanitization and escaping as middleware.

Class-based sanitization in TypeScript using decorators

💎 Safe html expansion for Svelte with DOMPurify

vet URIs in web and web-like applications with confidence

Koa middleware for the validator module.

Lightweight plugin for sanitize your html

Use dedicated classes to authorize and validate requests

A Nuxt 3 module that integrates DOMPurify for sanitizing HTML content and protecting against XSS attacks, with support for multiple profiles.

Escapes content for prevention of XSS (Cross Site Scripting) attacks.

A powerful middleware for securing your express.js applications against cross-site scripting (XSS) attacks

Mongoose Sanitizer Plugin

react-sanitizer-parser

Ember addon to help purify DOM content

An Ember addon that wraps DOMPurify.

一个开箱即用的Vue.js插件，可通过简单的方式防止XSS攻击

simple node middleware to sanitize req.body object

Recursive function that'll sanitize a string or ALL strings in a json input.

Escape a string for use in HTML or the inverse

Vue.js plugin for sanitizing and escaping user input to protect against XSS, SQL injection, and other security vulnerabilities.

Express middleware for the sanitizer module using Caja's HTML Sanitizer and HTML escape using htmlencode. Forked from express-sanitize-escape as the original package is no longer maintained

Sanitize strings — expecting text — from html, svg, erb, and mustache expressions.

A simple Markdown to HTML converter that transforms Markdown content into HTML code, which is sanitized to prevent XSS attacks.

**html-converter-react** is an isomorphic utility function that provides easy way to convert your string into a safely sanitized html. It's built on top of dompurify and it's made to work with react.

Koa middleware which sanitizes user input data (in req.body, req.query, req.headers and req.params) to prevent Cross Site Scripting (XSS) attack.