How to use the validator.escape function in validator

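To help you get started, we’ve selected a few validator examples, based on popular ways it is used in public projects. Keep in mind that `validator.escape` only replaces HTML-significant characters (such as `<`, `>`, `&`, `'`, `"` and `/`) with entities: it is output encoding for HTML text and attribute contexts, it does not make a value safe for SQL, URLs or inline script, and current releases throw a `TypeError` when the argument is not a string.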


github WeAreOpenSourceProjects / NodeAngular / server / modules / users / server / controllers / users / users.profile.server.controller.js View on Github external
/**
 * Respond with a reduced, HTML-escaped view of the authenticated user.
 *
 * Sends JSON `null` when the request carries no user.
 *
 * NOTE(review): `roles`, `profileImageURL` and `additionalProvidersData` are
 * copied through without escaping or filtering. Confirm that
 * `additionalProvidersData` never carries provider credentials before it is
 * returned to the client.
 * NOTE(review): `validator.escape` is HTML-entity encoding, applied here to a
 * JSON response; a client that encodes again when rendering will show
 * double-encoded text. Recent validator releases throw on non-string input,
 * so a user record lacking one of the escaped fields would presumably make
 * this handler throw - verify against the validator version in use.
 *
 * @param {Object} req - request; `req.user` is read when present
 * @param {Object} res - response; `res.json` is called once
 */
exports.me = function (req, res) {
  // Sanitize the user - short term solution. Copied from core.server.controller.js
  // TODO create proper passport mock: See https://gist.github.com/mweibel/5219403
  var account = req.user;

  // No authenticated user: the client receives a literal null.
  if (!account) {
    res.json(null);
    return;
  }

  // Keep the call in method form so `escape` runs with `validator` as receiver.
  function esc(text) {
    return validator.escape(text);
  }

  res.json({
    displayName: esc(account.displayName),
    provider: esc(account.provider),
    username: esc(account.username),
    created: account.created.toString(),
    // Passed through as-is (same array object as on the user record).
    roles: account.roles,
    // Passed through as-is; not escaped or validated as a URL here.
    profileImageURL: account.profileImageURL,
    email: esc(account.email),
    lastName: esc(account.lastName),
    firstName: esc(account.firstName),
    // Passed through as-is; see the review note in the header comment.
    additionalProvidersData: account.additionalProvidersData
  });
};
github Rahul-Raviprasad / Library / modules / core / server / controllers / core.server.controller.js View on Github external
}).exec(function (err, admin) {
    // Callback body: on success, build the escaped user object and render the
    // index view with it.
    if (err) {
      // NOTE(review): only a fixed string is logged here; the error value is
      // dropped and no response is sent on this path in the visible code.
      console.log("error caught");
    } else {
      if (req.user) {
        // String fields are HTML-entity encoded; roles, profileImageURL and
        // additionalProvidersData are copied through unchanged.
        safeUserObject = {
          displayName: validator.escape(req.user.displayName),
          provider: validator.escape(req.user.provider),
          username: validator.escape(req.user.username),
          created: req.user.created.toString(),
          // Same array object as req.user.roles - no copy is made.
          roles: req.user.roles,
          profileImageURL: req.user.profileImageURL,
          email: validator.escape(req.user.email),
          lastName: validator.escape(req.user.lastName),
          firstName: validator.escape(req.user.firstName),
          additionalProvidersData: req.user.additionalProvidersData
        };
        if (admin) {
          // NOTE(review): because roles aliases req.user.roles, this push also
          // adds 'admin' to req.user.roles in memory. If only the rendered
          // view should change, copy the array before pushing. What `admin`
          // represents comes from the query above this excerpt - confirm.
          safeUserObject.roles.push('admin');
        }
      }


      // safeUserObject is declared outside this excerpt; its value when
      // req.user is absent is not visible here.
      res.render('modules/core/server/views/index', {
        user: safeUserObject
      });
    }
  });
};
github NodeBB / NodeBB / src / posts / summary.js View on Github external
/**
 * Prepare a single post for output.
 *
 * When the post has content and `options.parse` is set, the post is handed to
 * `Posts.parsePost` and, if `options.stripTags` is set, its content is passed
 * through `stripTags`. Otherwise any truthy content is coerced to a string
 * and HTML-entity encoded with `validator.escape`.
 *
 * `options`, `Posts`, `stripTags` and `validator` come from the enclosing
 * scope, which is not part of this excerpt.
 *
 * NOTE(review): on the parsed path no escaping happens in this function, so
 * HTML safety of `content` presumably rests on `Posts.parsePost` - confirm
 * that it sanitizes its output; `stripTags` should not be the only control.
 *
 * @param {Object} post - post object; mutated in place on the escape path
 * @returns {Promise<Object>} the escaped post, or the result of parsePost
 */
async function parse(post) {
			if (post.content && options.parse) {
				const parsedPost = await Posts.parsePost(post);
				if (options.stripTags) {
					parsedPost.content = stripTags(parsedPost.content);
				}
				return parsedPost;
			}

			// Parsing disabled or nothing to parse: encode whatever is there and
			// leave falsy content (empty string, undefined, ...) untouched.
			let safeContent = post.content;
			if (safeContent) {
				safeContent = validator.escape(String(safeContent));
			}
			post.content = safeContent;
			return post;
		}
		return await Promise.all(posts.map(p => parse(p)));
github EasyERP / EasyERP_open_source / helpers / validator.js View on Github external
body.editedBy.date = new Date();
        body.editedBy.user = body.uId;
    }
    if (body.logged) {
        body.logged = validator.escape(body.logged);
        body.logged = xssFilters.inHTMLData(body.logged);
    }
    if (body.attachments) {
        var attachments = body.attachments;

        if (attachments.id) {
            attachments.id = validator.escape(attachments.id);
            attachments.id = xssFilters.inHTMLData(attachments.id);
        }
        if (attachments.name) {
            attachments.name = validator.escape(attachments.name);
            attachments.name = xssFilters.inHTMLData(attachments.name);
        }
        if (attachments.path) {
            attachments.path = validator.escape(attachments.path);
            attachments.path = xssFilters.inHTMLData(attachments.path);
        }
        if (attachments.size) {
            attachments.size = validator.escape(attachments.size);
            attachments.size = xssFilters.inHTMLData(attachments.size);
        }
        if (attachments.uploadDate) {
            attachments.uploadDate = validator.escape(attachments.uploadDate);
            attachments.uploadDate = xssFilters.inHTMLData(attachments.uploadDate);
        }
        if (attachments.uploaderName) {
            attachments.uploaderName = validator.escape(attachments.uploaderName);
github NodeBB / NodeBB / src / groups / data.js View on Github external
/**
 * Add output-ready fields to a group object, in place.
 *
 * - `nameEncoded`: the raw name, percent-encoded for use in a URL component.
 * - `displayName`: the raw name, HTML-entity encoded.
 * - `description` / `userTitle`: HTML-entity encoded, with missing values
 *   treated as empty strings; an empty `userTitle` falls back to
 *   `displayName`.
 *
 * `group.name` itself is left unescaped, so templates must use `displayName`
 * (HTML) or `nameEncoded` (URLs) rather than `name`.
 *
 * @param {Object} [group] - group record; nothing happens when it is falsy
 */
function escapeGroupData(group) {
	if (!group) {
		return;
	}

	// Coerce first so non-string values never reach validator.escape.
	const toHtmlText = function (value) {
		return validator.escape(String(value));
	};

	group.nameEncoded = encodeURIComponent(group.name);
	group.displayName = toHtmlText(group.name);
	group.description = toHtmlText(group.description || '');

	const escapedTitle = toHtmlText(group.userTitle || '');
	group.userTitle = escapedTitle ? escapedTitle : group.displayName;
}
github NodeBB / NodeBB / src / controllers / accounts / helpers.js View on Github external
userData['downvote:disabled'] = meta.config['downvote:disabled'] === 1;
	userData['email:confirmed'] = !!userData['email:confirmed'];
	userData.profile_links = filterLinks(results.profile_menu.links, {
		self: isSelf,
		other: !isSelf,
		moderator: isModerator,
		globalMod: isGlobalModerator,
		admin: isAdmin,
		canViewInfo: canViewInfo,
	});

	userData.sso = results.sso.associations;
	userData.banned = userData.banned === 1;
	userData.website = validator.escape(String(userData.website || ''));
	userData.websiteLink = !userData.website.startsWith('http') ? 'http://' + userData.website : userData.website;
	userData.websiteName = userData.website.replace(validator.escape('http://'), '').replace(validator.escape('https://'), '');

	userData.fullname = validator.escape(String(userData.fullname || ''));
	userData.location = validator.escape(String(userData.location || ''));
	userData.signature = validator.escape(String(userData.signature || ''));
	userData.birthday = validator.escape(String(userData.birthday || ''));
	userData.moderationNote = validator.escape(String(userData.moderationNote || ''));

	if (userData['cover:url']) {
		userData['cover:url'] = userData['cover:url'].startsWith('http') ? userData['cover:url'] : (nconf.get('relative_path') + userData['cover:url']);
	} else {
		userData['cover:url'] = require('../../coverPhoto').getDefaultProfileCover(userData.uid);
	}

	userData['cover:position'] = validator.escape(String(userData['cover:position'] || '50% 50%'));
	userData['username:disableEdit'] = !userData.isAdmin && meta.config['username:disableEdit'];
	userData['email:disableEdit'] = !userData.isAdmin && meta.config['email:disableEdit'];
github notechsolution / nodeboot / server / core / controllers / core.server.controller.js View on Github external
/**
 * Render the index view with the current user and shared configuration
 * serialized as JSON strings.
 *
 * NOTE(review): `JSON.stringify` output is not HTML- or script-safe by
 * itself. The template is not shown here; if it writes these strings
 * unescaped (for example into an inline script element), the fields that are
 * passed through without escaping - `roles`, `profileImageURL`,
 * `additionalProvidersData` - and the config values need encoding at that
 * point. Confirm how the view emits them.
 * NOTE(review): recent validator releases throw on non-string input, so a
 * user record lacking one of the escaped fields would presumably make this
 * handler throw - verify against the validator version in use.
 *
 * @param {Object} req - request; `req.user` is read when present
 * @param {Object} res - response; `res.render` is called once
 */
exports.renderIndex = function (req, res) {
  var currentUser = req.user;

  // Keep the call in method form so `escape` runs with `validator` as receiver.
  function esc(text) {
    return validator.escape(text);
  }

  // null for anonymous requests, otherwise the reduced user view.
  var clientUser = !currentUser ? null : {
    displayName: esc(currentUser.displayName),
    provider: esc(currentUser.provider),
    username: esc(currentUser.username),
    created: currentUser.created.toString(),
    roles: currentUser.roles,
    profileImageURL: currentUser.profileImageURL,
    email: esc(currentUser.email),
    lastName: esc(currentUser.lastName),
    firstName: esc(currentUser.firstName),
    additionalProvidersData: currentUser.additionalProvidersData
  };

  var viewModel = {
    user: JSON.stringify(clientUser),
    sharedConfig: JSON.stringify(config.shared),
    menuItems: JSON.stringify(config.utils.getMenuItems(config, currentUser)),
    title: config.app.title
  };

  res.render('server/core/views/index', viewModel);
};
github dxwc / vidlist / index.js View on Github external
a_pubDate = new Date
                        (
                            page.substring(v_published_pre+11, v_published_post)
                        ).getTime()/1000;
            a_description = page.substring(v_description_pre+19, v_description_post);

            // HTML-entity encode the extracted title.
            // NOTE(review): this is HTML output encoding, not SQL escaping; the
            // value is later placed inside a quoted literal in `values` below.
            a_title = validator.escape(a_title);

            // validator.whitelist() returns the input with every character
            // outside the given set removed, so this condition is true only
            // when nothing at all is left.
            // NOTE(review): an id that merely contains other characters is not
            // rejected, and the unfiltered a_id is what gets interpolated
            // below. Comparing the filtered result with the input would
            // enforce the expected form.
            if(!validator.whitelist(
                a_id.toLowerCase(), 'abcdefghijklmnopqrstuvwxyz1234567890_-'))
            {
                return reject('Extracted id is not of the expected form');
                // Unreachable: the return above already leaves the function.
                break;
            }

            // Same HTML-entity encoding for the description.
            a_description = validator.escape(a_description);

            // NOTE(review): the empty search strings in this listing look like
            // an extraction artifact (a markup token was probably stripped);
            // as printed, indexOf('') never returns -1.
            if(page.indexOf('') == -1)
            {
                return reject(' not found');
                // Unreachable: the return above already leaves the function.
                break;
            }

            page = page.substring(page.indexOf(''));

            // Only entries newer than the configured age limit are collected.
            if(a_pubDate >= (new Date().getTime()/1000) - global.old_video_limit_sec)
            {
                // NOTE(review): `values` appears to be a list of SQL value
                // tuples built by string interpolation. Bound parameters
                // (placeholders) would keep the extracted data out of the
                // statement text regardless of how each field was encoded.
                values += `${values.length ? ',' : ''}
(${ch_id_id}, '${a_id}', '${a_title}', ${a_pubDate}, '${a_description}')`;
            }
        }
github NodeBB / NodeBB / src / user / data.js View on Github external
async.map(users, function (user, next) {
			if (!user) {
				return next(null, user);
			}

			db.parseIntFields(user, intFields, requestedFields);

			if (user.hasOwnProperty('username')) {
				user.username = validator.escape(user.username ? user.username.toString() : '');
			}

			if (user.hasOwnProperty('email')) {
				user.email = validator.escape(user.email ? user.email.toString() : '');
			}

			if (!parseInt(user.uid, 10)) {
				user.uid = 0;
				user.username = (user.hasOwnProperty('oldUid') && parseInt(user.oldUid, 10)) ? '[[global:former_user]]' : '[[global:guest]]';
				user.userslug = '';
				user.picture = User.getDefaultAvatar();
				user['icon:text'] = '?';
				user['icon:bgColor'] = '#aaa';
				user.groupTitle = '';
			}