10 Best JavaScript XSS Sanitizer Libraries

List hand-picked by Openbase Experts

dompurify

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

License: (MPL-2.0 OR Apache-2.0)
TypeScript Definitions: DefinitelyTyped
User Rating: 5.0/5 (2)
Top Feedback: Easy to Use (3), Performant (2)
GitHub Stars: 8K
Weekly Downloads: 2M
Last Commit: 2mos ago

sanitize-html

Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: 5.0/5 (1)
Top Feedback: N/A
GitHub Stars: 3K
Weekly Downloads: 1M
Last Commit: 1mo ago

xss

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

License: MIT
TypeScript Definitions: Built-In
User Rating: 5.0/5 (2)
Top Feedback: N/A
GitHub Stars: 4K
Weekly Downloads: 2M
Last Commit: 3mos ago

express-validator

An express.js middleware for validator.js.

License: MIT
TypeScript Definitions: Built-In
User Rating: 4.7/5 (17)
Top Feedback: Easy to Use (12), Great Documentation (11), Performant (9)
GitHub Stars: 5K
Weekly Downloads: 378K
Last Commit: 1mo ago

insane

😾 Lean and configurable whitelist-oriented HTML sanitizer

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: 4.0/5 (1)
Top Feedback: N/A
GitHub Stars: 392
Weekly Downloads: 14K
Last Commit: 4yrs ago

express-sanitizer

An express.js middleware for node-validator

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 44
Weekly Downloads: 7K
Last Commit: 9mos ago

express-xss-sanitizer

Express 4.x middleware which sanitizes user input data (in req.body, req.query, req.headers and req.params) to prevent Cross Site Scripting (XSS) attack.

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 3
Weekly Downloads: 537
Last Commit: 7mos ago

xss-clean

Middleware to sanitize user input

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 48
Weekly Downloads: 16K
Last Commit: 6yrs ago

express-sanitize-escape

An express.js middleware for sanitizing all query and body parameters automatically

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 6
Weekly Downloads: 717
Last Commit: 5yrs ago

xss-advanced

Node.js Connect middleware to sanitize user input coming from POST body, GET queries, and url params. Works with Express

License: MIT
TypeScript Definitions: Built-In
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 3
Weekly Downloads: 600
Last Commit: 1yr ago

express-autosanitizer

automatic sanitization of req body fields, params and query fields. uses caja. automatically does sanitization and escaping as middleware.

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 1
Weekly Downloads: 586
Last Commit: 1yr ago

express-sanitized

An express.js middleware for sanitizing all query and body parameters automatically

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 5
Weekly Downloads: 509
Last Commit: 2yrs ago

@risingstack/protect

Proactively protect your Node.js web services

License: MIT
TypeScript Definitions: Not Found
Deprecated
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 399
Weekly Downloads: 344
Last Commit: 5yrs ago

express-auto-sanitize

Express middleware to auto sanitize user inputs

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 1
Weekly Downloads: 100
Last Commit: 4yrs ago

node-procexss

Middleware to help to prevent xss attacks in your Express/Connect apps

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 5
Weekly Downloads: 97
Last Commit: 6yrs ago

protecc

but most importantly, he protecc

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: N/A
Weekly Downloads: 5
Last Commit: 5mos ago

sanitize-middleware

Connect/Express middleware that sanitizes requests to protect against cross-site scripting (XSS) and command injection attacks

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: N/A
Weekly Downloads: 0
Last Commit: 8mos ago

scorpion4dev-express-autosanitizer

automatic sanitization of req body fields, params and query. automatically does sanitization and escaping as middleware.

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: N/A
Weekly Downloads: 25
Last Commit: N/A

express-caja-sanitizer

An express middleware inspired from express-sanitizer which sanitizes URL params too. It also provides options to sanitize keys and a preprocessor function to exempt a few values from sanitizing.

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: N/A
Weekly Downloads: 24
Last Commit: 6yrs ago

express-validate

Data validation, filtering and sanitization for express

License: Unknown
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: N/A
Weekly Downloads: 14
Last Commit: N/A

@aftership/express-sanitized

An express.js middleware for sanitizing all query and body parameters automatically

License: MIT
TypeScript Definitions: Not Found
User Rating: N/A
Top Feedback: N/A
GitHub Stars: N/A
Weekly Downloads: 6
Last Commit: 6yrs ago

express-route-sanitizer-middleware

A sanitizer for GET and POST requests payloads

License: ISC
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: N/A
Weekly Downloads: 5
Last Commit: 1yr ago

xss-req-sanitizer

Middleware to sanitize http requests

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: N/A
Weekly Downloads: 3
Last Commit: N/A

express-secure-handlebars

Express with Secure Handlebars

License: BSD-2-Clause
TypeScript Definitions: DefinitelyTyped
Deprecated
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 12
Weekly Downloads: 3
Last Commit: 3yrs ago

json-inspector

Json Inspector is json data validator & sanitizer. It allows you to define validation rules for complex data structures by simple and descriptive way of defining json-compliant inspector schema.

License: GPL-3.0
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: N/A
Weekly Downloads: 3
Last Commit: N/A

xss-scanner

Cross-Site Scripting (XSS) scanner. This tool helps to find possible XSS vulnerabilities. Cross platform - macOS, Linux, and Windows.

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 9
Weekly Downloads: 1
Last Commit: 5yrs ago

xsslint

Find potential XSS vulnerabilities

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: 27
Weekly Downloads: 1
Last Commit: 2yrs ago

infi-validator

➿ A simple request validator for Express.js apps

License: MIT
TypeScript Definitions: DefinitelyTyped
User Rating: N/A
Top Feedback: N/A
GitHub Stars: N/A
Weekly Downloads: 0
Last Commit: 2yrs ago