How to use the xss.filterXSS function in xss

To help you get started, we’ve selected a few xss examples, based on popular ways it is used in public projects.


Source: SolidZORO/leaa, packages/leaa-api/src/modules/auth/auth.service.ts (GitHub)
async login(args: AuthLoginInput): Promise {
    const findUser = await this.userRepository.findOne({
      select: ['id', 'email', 'name', 'status', 'password'],
      where: {
        email: xss.filterXSS(args.email.trim().toLowerCase()),
      },
      // needed to get flatPermissions
      relations: ['roles'],
    });

    const user = authUtil.checkAvailableUser(findUser);

    const passwordIsMatch = await bcryptjs.compareSync(args.password, user.password);
    if (!passwordIsMatch) return errorUtil.ERROR({ error: `User (${args.email}) Info Not Match` });

    if (user.password) delete user.password;

    return this.addTokenTouser(user);
  }

Source: erxes/erxes-api, src/workers/index.ts (GitHub)
app.use((error, _req, res, _next) => {
  console.error(error.stack);
  res.status(500).send(filterXSS(error.message));
});

Source: vtex/node-vtex-api, src/service/worker/runtime/graphql/schema/typeDefs/sanitizedString.ts (GitHub)
const parseValue = (value: string, options?: IFilterXSSOptions) => {
  return filterXSS(value, options)
}

Source: SolidZORO/leaa, packages/leaa-api/src/modules/tag/tag.service.ts (GitHub)
formatTag(str: string): string {
    if (str) {
      return xss.filterXSS(str.trim().replace(/\s/g, '-'));
    }

    return '';
  }

Source: vtex/node-vtex-api, src/service/worker/runtime/graphql/schema/typeDefs/sanitizedString.ts (GitHub)
const serialize = (input: string, options?: IFilterXSSOptions) => {
  return filterXSS(input, options)
}

Source: erxes/erxes-api, src/index.ts (GitHub)
if (fields && fields.kind === 'nylas') {
          const nylasApi = new IntegrationsAPI();

          const apiResponse = await nylasApi.nylasUpload({
            ...file,
            erxesApiId: fields.erxesApiId,
          });

          return res.send(apiResponse);
        }

        const result = await uploadFile(file, response.upload ? true : false);

        return res.send(result);
      } catch (e) {
        return res.status(500).send(filterXSS(e.message));
      }
    }

    return res.status(500).send(status);
  });
});

Source: erxes/erxes-api, src/index.ts (GitHub)
app.get('/coc-export', async (req: any, res) => {
  const { query, user } = req;
  const { type } = query;

  try {
    const { name, response } =
      type === 'customers' ? await customersExport(query, user) : await companiesExport(query, user);

    res.attachment(`${name}.xlsx`);

    return res.send(response);
  } catch (e) {
    return res.end(filterXSS(e.message));
  }
});

xss

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

MIT
Latest version published 8 months ago
