Skip to content

Latest commit

 

History

History
52 lines (41 loc) · 1.49 KB

README.md

File metadata and controls

52 lines (41 loc) · 1.49 KB

mongoose-sanitizer-plugin

Sanitizer for mongoose models.

Uses Caja-HTML-Sanitizer.

Installation

npm i mongoose-sanitizer-plugin --save

Options

Parameter Type Default Description
mode String escape Enum: sanitizer, escape, normalizeRCData, unescapeEntities. See Caja-HTML-Sanitizer docs.
include String, Array<String> [] List of properties that will be sanitized.
exclude String, Array<String> [] List of properties that won't be sanitized.

If both include and exclude are not specified then all string properties will be sanitized.

Examples

Minimal usage:

const sanitizerPlugin = require('mongoose-sanitizer-plugin');
const mongoose = require('mongoose');
const SomeSchema = new mongoose.Schema({ /* ... */ });

SomeSchema.plugin(sanitizerPlugin);

mongoose.model('Some', SomeSchema);

Specifying your own options:

SomeSchema.plugin(sanitizerPlugin, {
    mode: 'sanitize',
    include: ['firstName', 'lastName']
});

Specifying options with different mode for every group of properties:

SomeSchema.plugin(sanitizerPlugin, [
    {
        mode: 'sanitizer',
        include: ['firstName', 'lastName']
    },
    {
        mode: 'escape',
        include: 'bio'
    }
]);