authbox.sanitization v1.0.0
AuthBox sanitization middleware
Usage
Basic
The following example will sanitize both req.query and req.body values
const express = require('express');
const bodyParser = require('body-parser');
const sanitization = require('authbox.sanitization');
const app = express();

// Parse URL-encoded form bodies first. Only this content type is parsed in
// this example, so req.body is populated for form posts only. `extended: true`
// lets clients submit nested objects and arrays (e.g. a[b]=1, a[]=1), not
// just flat string values.
const urlencodedParser = bodyParser.urlencoded({ extended: true });
app.use(urlencodedParser);

// This middleware must be registered AFTER body-parser: it works on the
// already-parsed req.query and req.body, so there is nothing in req.body for
// it to clean if it runs earlier.
// Input sanitization is one layer of defence; handlers should still use
// parameterised queries and context-appropriate output encoding.
const sanitizeRequest = sanitization();
app.use(sanitizeRequest);
Customise what is sanitized
You can also turn off sanitization for either the query values or the body values
// Leave req.query untouched by this middleware. Handlers that read query
// parameters must then validate those values themselves.
const skipQueryOptions = { sanitizeQuery: false };
app.use(sanitization(skipQueryOptions));

// Leave req.body untouched by this middleware. Handlers that read body fields
// must then validate those values themselves.
// NOTE(review): both registrations are shown back to back here; presumably an
// application would pick only the variant it needs. Confirm against the
// package documentation.
const skipBodyOptions = { sanitizeBody: false };
app.use(sanitization(skipBodyOptions));
Customise sanitization
You can also customise the sanitization routine. The following example shows applying a custom rule to enforce a specific regex for a uid parameter.
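app.use(sanitization({
  /**
   * Custom sanitizer: enforce an alphanumeric-only `uid` and hand every other
   * key to the package's default sanitizer.
   *
   * @param {string} key - Name of the query/body parameter being sanitized.
   * @param {*} value - Submitted value for that parameter.
   * @returns {*} The value to keep; '' when `uid` is rejected.
   */
  sanitizer: (key, value) => {
    if (key.toLowerCase() === 'uid') {
      // RegExp#test() coerces its argument to a string, so a one-element array
      // such as the result of `uid[]=abc` would match the pattern and be
      // returned unchanged as an array. Require a real string before matching
      // so downstream code never receives a non-string uid.
      // NOTE(review): whether the middleware passes non-string values to this
      // callback is not shown here; the type check is safe either way.
      const isValidUid = typeof value === 'string' && /^[A-Za-z0-9]+$/.test(value);
      return isValidUid ? value : '';
    }

    // You can still call the default sanitizer too
    return sanitization.defaultSanitizer(key, value);
  },
}));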