Node/Koa2[48]: xss 攻击

Jul 16, 2023 · Yin灏

安装

npm i xss --save

处理过滤

src/controller/blog-home.js

const { createBlog } = require("../services.blog");
const { SuccessModel, ErrorModel } = require("../model/ResModel");
const { createBlogFailInfo } = require("../model/ErrorInfo");

const xss = require("xss");

async function create({ userId, content, image }) {
  // services 层
  try {
    const blog = await createBlog({ userId, content: xss(content), image });
    return new SuccessModel(blog);
  } catch (ex) {
    console.error(ex.message, ex.stack);
    return new ErrorModel(createBlogFailInfo);
  }
}

module.exports = {
  create,
};

安装

处理过滤

- Book Lists -