Answers for "how to prevent xss attacks in node js"

0

how to prevent xss attacks in node js

- All usual techniques apply to node.js output as well, which means:

* Blacklists will not work.
* You're not supposed to filter input in order to protect HTML output. It will not work or will work by needlessly malforming the data.
* You're supposed to HTML-escape text in HTML output.
- I'm not sure if node.js comes with some built-in for this, but something like that should do the job:

function htmlEscape(text) {
   return text.replace(/&/g, '&').
     replace(/</g, '&lt;').  // it's not neccessary to escape >
     replace(/"/g, '&quot;').
     replace(/'/g, '&#039;');
}
Posted by: Guest on June-07-2021

Code answers related to "Javascript"

Browse Popular Code Answers by Language