node-sanitize
Input sanitizing library for node.js
Summary
This library is for the purpose of sanitizing user input. The examples below show some of the built in sanitizers. You can create your own custom sanitizers. Please refer to the tests for more examples of how to use this library.
Install
npm install --save sanitize
Test
npm test
Usage
var express = require('express');
var app = express();
app.use(require('sanitize').middleware);
app.get('/ping', function(req, res) {
var param = req.queryInt('param');
res.send('pong ' + (typeof param) + ' ' + param);
});
app.listen(8080);
Documentation
Sanitize Objects
sanitize.primitives(obj: PlainObject): PlainObject
This will remove all keys from a plain object that are not String
, Integer
, or Boolean
. It's great for sanitizing objects before inserting into the database.
Express Middleware
req.headerInt(headerName: String): Integer
req.headerString(headerName: String): String
req.headerFloat(headerName: String): Float
req.headerEmail(headerName: String): String
req.headerPattern(headerName: String, pattern: RegExp): String
req.headerOneOf(headerName: String, arr: Array): String
req.bodyInt(bodyParam: String): Integer
req.bodyString(bodyParam: String): String
req.bodyFloat(bodyParam: String): Float
req.bodyEmail(bodyParam: String): String
req.bodyPattern(bodyParam: String, pattern: RegExp): String
req.bodyOneOf(bodyName: String, arr: Array): String
req.queryInt(queryParam: String): Integer
req.queryString(queryParam: String): String
req.queryFloat(queryParam: String): Float
req.queryEmail(queryParam: String): String
req.queryPattern(queryParam: String, pattern: RegExp): String
req.queryOneOf(queryName: String, arr: Array): String
req.paramInt(paramName: String): Integer
req.paramString(paramName: String): String
req.paramFloat(paramName: String): Float
req.paramEmail(paramName: String): String
req.paramPattern(paramName: String, pattern: RegExp): String
req.paramOneOf(paramName: String, arr: Array): String