xss-scrubber
Scrubs xss content of any JavaScript object
Usage
const JsonScrubber = require("xss-scrubber");
...
...
console.log(JsonScrubber(obj));
Examples
** String **
console.log(JsonScrubber('<script>alert("xss");</script>'));
** Array **
console.log(JsonScrubber(['<img>hi! this is @ test</img>', 123, '<script>alert("xss");</script>', 'a']));
** Object **
console.log(JsonScrubber({
"entry":[{
"comments":"<script>alert('xss');</script>Test REST API Comments.",
"color":"color10",
"@name": {
"first": [{
"second": "<alert>rn_tag</alert>"
}]
}
}]
}));
"entry":[{
"comments":"<script>alert('xss');</script>Test REST API Comments.",
"color":"color10",
"@name": {
"first": [{
"second": "<alert>rn_tag</alert>"
}]
}
}]
}