dompurify

NodeJS require all modules in one file, good practice?

元气小坏坏 提交于 2020-01-14 03:50:14
问题 I am wondering if there is any downside, from a design or security point of view, having one file that requires() all the modules that I need, and then exports them. This would save me to keep track of all modules in every single file. Example: // my_requires.js const bodyParser = require('body-parser') const parseForm = bodyParser.urlencoded({extended: false}) const DOMPurify = require('dompurify'); const {JSDOM} = require('jsdom'); const jwt = require('jsonwebtoken'); const passport =

How to install, import and use DOMPurify in frontend js file?

不问归期 提交于 2019-12-08 17:20:56
问题 This is more of a "can you please confirm this is correct" type of question, as I think I resolved it in the process of writing the question but hopefully it will be of help to other people who are a bit hesitant when it comes to implementing DOMPurify. Short Version Is it safe/valid to import and use DOMPurify like this in frontend js file: npm install dompurify --save import DOMPurify from 'dompurify'; var clean = DOMPurify.sanitize('<img src=x onerror=alert(1)//>', {SAFE_FOR_JQUERY: true})

NodeJS require all modules in one file, good practice?

萝らか妹 提交于 2019-12-06 17:40:47
I am wondering if there is any downside, from a design or security point of view, having one file that requires() all the modules that I need, and then exports them. This would save me to keep track of all modules in every single file. Example: // my_requires.js const bodyParser = require('body-parser') const parseForm = bodyParser.urlencoded({extended: false}) const DOMPurify = require('dompurify'); const {JSDOM} = require('jsdom'); const jwt = require('jsonwebtoken'); const passport = require('passport'); require('../config/passport')(passport) module.exports = { bodyParser: bodyParser,
订阅 dompurify