New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →

vue-sanitize-escape

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

vue-sanitize-escape

Vue.js plugin for sanitizing and escaping user input to protect against XSS, SQL injection, and other security vulnerabilities.

0.0.3
latest
Source
npm

Version published: 7 months ago

Weekly downloads: 81; decreased by-52.91%

Maintainers: 0

Weekly downloads

Created: 7 months ago

Source

vue-sanitize-escape

A Vue.js plugin to fortify your application against common web vulnerabilities like Cross-Site Scripting (XSS), SQL Injection, and Open Redirects.

Features

Sanitization:
- Deeply sanitizes strings, numbers, objects, and arrays.
- Removes dangerous HTML tags (e.g.,
- Neutralizes potential SQL injection attempts.
- Protects against open redirect attacks.
Escaping:
- Escapes special characters in strings to prevent XSS vulnerabilities.
Vue.js Integration:
- Simple installation as a Vue plugin.
- Convenient $sanitizeEscape object for direct access to functions.
- Custom Vue directive (v-sanitize) for automatic input sanitization.
Lightweight and Dependency-Free:
- No external dependencies, ensuring minimal overhead.
- Focused on core sanitization and escaping tasks.
Support for the Vitejs based projects

Installation

npm install vue-sanitize-escape

Usage

Vue.js

import Vue from 'vue';
import VueSanitizeEscape from 'vue-sanitize-escape';

// Sanitizes all inputs by default. In this case no need to use v-sanitize directive
Vue.use(VueSanitizeEscape, { sanitizeAll: true });

// sanitizeAll defaults to false
Vue.use(VueSanitizeEscape);

Sanitize Input

this.$sanitizeEscape.sanitize(userInput, type);

userInput: The input to sanitize (string, number, object, array).
type: Optional (default: 'string'). Specifies the type of the input.

Escape HTML Entities

this.$sanitizeEscape.escape(userInput);

v-sanitize Directive

<input type="text" v-model="userInput" v-sanitize />

This directive will automatically sanitize the input on change. You can optionally specify the type as an argument:

<input type="number" v-model="userAge" v-sanitize:number />

Why Use vue-sanitize-escape?

Ease of Use: Seamlessly integrates with Vue.js projects.
Option to integrate by default for all inputs. Otherwise, it can be used for the targeted inputs.
No Dependencies: Avoids the overhead and potential vulnerabilities of third-party libraries.
Customizable: Tailor the sanitization behavior to your specific needs by extending or modifying the core functions.
Performance: Designed to be lightweight and efficient, minimizing impact on your application's performance.
Security-Focused: Specifically crafted to address common web vulnerabilities and enhance the security of your Vue.js application.
Regularly Updated: The library will be actively maintained to adapt to new security threats and best practices.

Contributing

Contributions are welcome! Please feel free to submit issues and pull requests.

License

This project is licensed under the MIT License.

Keywords

FAQs

What is vue-sanitize-escape?

Is vue-sanitize-escape popular?

Is vue-sanitize-escape well maintained?

Package last updated on 03 Jul 2024

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install