10 Best JavaScript XSS Sanitizer Libraries
List hand-picked by Openbase ExpertsLearn More
List hand-picked by Openbase Experts
dompurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
License: (MPL-2.0 OR Apache-2.0)
TypeScript Definitions: DefinitelyTyped
User Rating
5.0/ 5
2Top Feedback
3Easy to Use
2Performant
GitHub Stars
8K
Weekly Downloads
2M
Last Commit
2mos ago
sanitize-html
Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance
License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating
5.0/ 5
1Top Feedback
N/A
GitHub Stars
3K
Weekly Downloads
1M
Last Commit
1mo ago
xss
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
License: MIT
TypeScript Definitions: Built-In
User Rating
5.0/ 5
2Top Feedback
N/A
GitHub Stars
4K
Weekly Downloads
2M
Last Commit
3mos ago
express-validator
An express.js middleware for validator.js.
License: MIT
TypeScript Definitions: Built-In
User Rating
4.7/ 5
17Top Feedback
12Easy to Use
11Great Documentation
9Performant
GitHub Stars
5K
Weekly Downloads
378K
Last Commit
1mo ago
insane
😾 Lean and configurable whitelist-oriented HTML sanitizer
License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating
4.0/ 5
1Top Feedback
N/A
GitHub Stars
392
Weekly Downloads
14K
Last Commit
4yrs ago
express-sanitizer
An express.js middleware for node-validator
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
44
Weekly Downloads
7K
Last Commit
9mos ago
express-xss-sanitizer
Express 4.x middleware which sanitizes user input data (in req.body, req.query, req.headers and req.params) to prevent Cross Site Scripting (XSS) attack.
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
3
Weekly Downloads
537
Last Commit
7mos ago
xss-clean
Middleware to sanitize user input
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
48
Weekly Downloads
16K
Last Commit
6yrs ago
express-sanitize-escape
An express.js middleware for sanitizing all query and body parameters automatically
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
6
Weekly Downloads
717
Last Commit
5yrs ago
xss-advanced
Node.js Connect middleware to sanitize user input coming from POST body, GET queries, and url params. Works with Express
License: MIT
TypeScript Definitions: Built-In
User RatingN/A
Top Feedback
N/A
GitHub Stars
3
Weekly Downloads
600
Last Commit
1yr ago
express-autosanitizer
automatic sanitization of req body fields, params and query fields. uses caja. automatically does sanitization and escaping as middleware.
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
1
Weekly Downloads
586
Last Commit
1yr ago
express-sanitized
An express.js middleware for sanitizing all query and body parameters automatically
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
5
Weekly Downloads
509
Last Commit
2yrs ago
@risingstack/protect
Proactively protect your Node.js web services
License: MIT
TypeScript Definitions: Not Found
Deprecated
User RatingN/A
Top Feedback
N/A
GitHub Stars
399
Weekly Downloads
344
Last Commit
5yrs ago
express-auto-sanitize
Express middleware to auto sanitize user inputs
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
1
Weekly Downloads
100
Last Commit
4yrs ago
node-procexss
Middleware to help to prevent xss attacks in your Express/Connect apps
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
5
Weekly Downloads
97
Last Commit
6yrs ago
protecc
but most importantly, he protecc
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
N/A
Weekly Downloads
5
Last Commit
5mos ago
sanitize-middleware
Connect/Express middleware that sanitizes requests to protect against cross-site scripting (XSS) and command injection attacks
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
N/A
Weekly Downloads
0
Last Commit
8mos ago
scorpion4dev-express-autosanitizer
automatic sanitization of req body fields, params and query. automatically does sanitization and escaping as middleware.
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
N/A
Weekly Downloads
25
Last Commit
N/A
express-caja-sanitizer
An express middleware inspired from express-sanitizer which sanitizes URL params too. It also provides options to sanitize keys and a preprocessor function to exempt a few values from sanitizing.
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
N/A
Weekly Downloads
24
Last Commit
6yrs ago
express-validate
Data validation, filtering and sanitization for express
License: Unknown
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
N/A
Weekly Downloads
14
Last Commit
N/A
@aftership/express-sanitized
An express.js middleware for sanitizing all query and body parameters automatically
License: MIT
TypeScript Definitions: Not Found
User RatingN/A
Top Feedback
N/A
GitHub Stars
N/A
Weekly Downloads
6
Last Commit
6yrs ago
express-route-sanitizer-middleware
A sanitizer for GET and POST requests payloads
License: ISC
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
N/A
Weekly Downloads
5
Last Commit
1yr ago
xss-req-sanitizer
Middleware to sanitize http requests
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
N/A
Weekly Downloads
3
Last Commit
N/A
express-secure-handlebars
Express with Secure Handlebars
License: BSD-2-Clause
TypeScript Definitions: DefinitelyTyped
Deprecated
User RatingN/A
Top Feedback
N/A
GitHub Stars
12
Weekly Downloads
3
Last Commit
3yrs ago
json-inspector
Json Inspector is json data validator & sanitizer. It allows you to define validation rules for complex data structures by simple and descriptive way of defining json-compliant inspector schema.
License: GPL-3.0
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
N/A
Weekly Downloads
3
Last Commit
N/A
xss-scanner
Cross-Site Scripting (XSS) scanner. This tool helps to find possible XSS vulnerabilities. Cross platform - macOS, Linux, and Windows.
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
9
Weekly Downloads
1
Last Commit
5yrs ago
xsslint
Find potential XSS vulnerabilities
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
27
Weekly Downloads
1
Last Commit
2yrs ago
infi-validator
➿ A simple request validator for Express.js apps
License: MIT
TypeScript Definitions: DefinitelyTyped
User RatingN/A
Top Feedback
N/A
GitHub Stars
N/A
Weekly Downloads
0
Last Commit
2yrs ago