/**
 * Turn a raw principal hash into a User model.
 *
 * The first four hash fields become positional constructor arguments; the rest
 * are collected into a profile object. String-encoded flags and numbers are
 * decoded on the way: "admin:global" / "admin:tenant" via toBooleanStrict(),
 * the numeric fields via OaeUtil.getNumberParam (acceptedTC defaults to 0).
 *
 * @param {object} hash - raw record keyed by column name (see fields read below)
 * @returns {User} the constructed user
 */
const _hashToUser = function(hash) {
  const { tenantAlias, principalId, displayName, email } = hash;
  // admin flags are decoded strictly: only a real boolean-ish value yields true
  const isGlobalAdmin = sanitize(hash['admin:global']).toBooleanStrict();
  const isTenantAdmin = sanitize(hash['admin:tenant']).toBooleanStrict();
  const profile = {
    visibility: hash.visibility,
    deleted: hash.deleted,
    locale: hash.locale,
    publicAlias: hash.publicAlias,
    isGlobalAdmin,
    isTenantAdmin,
    smallPictureUri: hash.smallPictureUri,
    mediumPictureUri: hash.mediumPictureUri,
    largePictureUri: hash.largePictureUri,
    notificationsUnread: OaeUtil.getNumberParam(hash.notificationsUnread),
    notificationsLastRead: OaeUtil.getNumberParam(hash.notificationsLastRead),
    // `||` is deliberate: an empty string also falls back to the tenant default
    emailPreference: hash.emailPreference || PrincipalsConfig.getValue(tenantAlias, 'user', 'emailPreference'),
    acceptedTC: OaeUtil.getNumberParam(hash.acceptedTC, 0),
    lastModified: OaeUtil.getNumberParam(hash.lastModified),
    isUserArchive: hash.isUserArchive
  };
  return new User(tenantAlias, principalId, displayName, email, profile);
};
/**
 * Copy the author information from `data` onto `widgetConfig`.
 *
 * `data.author` is either a bare string or an object with its text under "#"
 * and its attributes under "@" (href, rim:copyright, email). The text forms go
 * through sanitize().trim(); the attribute values are copied verbatim.
 *
 * @param {object} data - input record; only data.author is read
 * @param {object} widgetConfig - mutated in place: author, authorURL, copyright, authorEmail
 */
function processAuthorData(data, widgetConfig) {
  const author = data.author;
  if (!author) {
    return;
  }
  const attribs = author["@"];
  if (!attribs && typeof author === "string") {
    // only a real string is sanitized; an empty object {} is left alone
    widgetConfig.author = sanitize(author).trim();
  } else if (author["#"]) {
    widgetConfig.author = sanitize(author["#"]).trim();
  }
  if (!attribs) {
    return;
  }
  // NOTE(review): href, rim:copyright and email are not sanitized here, unlike
  // the author text — confirm the consumer escapes them before rendering.
  widgetConfig.authorURL = attribs.href;
  widgetConfig.copyright = attribs["rim:copyright"];
  widgetConfig.authorEmail = attribs.email;
}
// Render the field's value/checked attribute when a value is present.
// Zero is explicitly kept: 0 and "0" are falsy but are valid values.
// NOTE(review): the "date" branch passes the raw, unsanitized `val` to addAttr
// when DateFormatter throws — confirm addAttr escapes its argument.
if (val || val === 0 || val === "0") {
  switch (field.type) {
    case "text":
      val = addAttr("value", sanitize(val).trim());
      break;
    case "date": {
      let formatted = val;
      try {
        formatted = DateFormatter(val);
      } catch (e) {
        // formatting failed: fall back to the unformatted value (best-effort)
      }
      val = addAttr("value", formatted);
      break;
    }
    case "hidden":
      val = addAttr("value", sanitize(val.toString()).trim());
      break;
    case "checkbox":
    case "radio":
      val = addAttr("checked", "checked");
      break;
    default:
      val = "";
  }
}
if (!req.session || !req.session.user) {
return res.redirect("/login");
}
var giftObj = {};
giftObj.giftId = util.GUID();
try {
check(req.body.name).notEmpty();
check(req.body.categoryId).notEmpty();
giftObj.name = sanitize(sanitize(req.body.name).trim()).xss();
giftObj.categoryId = sanitize(sanitize(req.body.categoryId).trim()).xss();
giftObj.brand = sanitize(sanitize(req.body.brand || "").trim()).xss();
giftObj.unit = sanitize(sanitize(req.body.unit || "").trim()).xss();
giftObj.price = sanitize(sanitize(req.body.price || "").trim()).xss();
giftObj.expireDate = sanitize(sanitize(req.body.expireDate || "").trim()).xss();
giftObj.categoryId = sanitize(sanitize(req.body.categoryId).trim()).xss();
} catch (e) {
return res.send(resUtil.generateRes(null, config.statusCode.STATUS_INVAILD_PARAMS));
}
var ep = EventProxy.create();
Gift.add(giftObj, function (err, rows) {
if (err) {
return ep.emitLater("error", err);
}
ep.emitLater("after_addGift");
});
ep.once("after_addGift", function () {
/**
 * Copy the author information from `data` onto `widgetConfig`.
 *
 * `data.author` is either a bare string or an object with its text under "#"
 * and its attributes under "@" (href, rim:copyright, email). The text forms go
 * through sanitize().trim(); the attribute values are copied verbatim.
 *
 * @param {object} data - input record; only data.author is read
 * @param {object} widgetConfig - mutated in place: author, authorURL, copyright, authorEmail
 */
function processAuthorData(data, widgetConfig) {
  const author = data.author;
  if (!author) {
    return;
  }
  const attribs = author["@"];
  if (!attribs && typeof author === "string") {
    // only a real string is sanitized; an empty object {} is left alone
    widgetConfig.author = sanitize(author).trim();
  } else if (author["#"]) {
    widgetConfig.author = sanitize(author["#"]).trim();
  }
  if (!attribs) {
    return;
  }
  // NOTE(review): href, rim:copyright and email are not sanitized here, unlike
  // the author text — confirm the consumer escapes them before rendering.
  widgetConfig.authorURL = attribs.href;
  widgetConfig.copyright = attribs["rim:copyright"];
  widgetConfig.authorEmail = attribs.email;
}
exports.modification = function (req, res, next) {
debugCtrller("/controllers/gift/modification");
if (!req.session || !req.session.user) {
return res.redirect("/login");
}
var giftObj = {};
try {
check(req.body.giftId).notEmpty();
check(req.body.name).notEmpty();
check(req.body.categoryId).notEmpty();
giftObj.giftId = sanitize(sanitize(req.body.giftId).trim()).xss();
giftObj.name = sanitize(sanitize(req.body.name).trim()).xss();
giftObj.categoryId = sanitize(sanitize(req.body.categoryId).trim()).xss();
giftObj.brand = sanitize(sanitize(req.body.brand || "").trim()).xss();
giftObj.unit = sanitize(sanitize(req.body.unit || "").trim()).xss();
giftObj.price = sanitize(sanitize(req.body.price || "").trim()).xss();
giftObj.expireDate = sanitize(sanitize(req.body.expireDate || "").trim()).xss();
giftObj.categoryId = sanitize(sanitize(req.body.categoryId).trim()).xss();
} catch (e) {
return res.send(resUtil.generateRes(null, config.statusCode.STATUS_INVAILD_PARAMS));
}
Gift.modify(giftObj, function (err, rows) {
if (err) {
return res.send(resUtil.generateRes(null, err.statusCode));
}
return res.send(resUtil.generateRes(null, config.statusCode.STATUS_OK));
/**
 * Copy the author information from `data` onto `widgetConfig`.
 *
 * `data.author` is either a bare string or an object with its text under "#"
 * and its attributes under "@" (href, rim:copyright, email). The text forms go
 * through sanitize().trim(); the attribute values are copied verbatim.
 *
 * @param {object} data - input record; only data.author is read
 * @param {object} widgetConfig - mutated in place: author, authorURL, copyright, authorEmail
 */
function processAuthorData(data, widgetConfig) {
  const author = data.author;
  if (!author) {
    return;
  }
  const attribs = author["@"];
  if (!attribs && typeof author === "string") {
    // only a real string is sanitized; an empty object {} is left alone
    widgetConfig.author = sanitize(author).trim();
  } else if (author["#"]) {
    widgetConfig.author = sanitize(author["#"]).trim();
  }
  if (!attribs) {
    return;
  }
  // NOTE(review): href, rim:copyright and email are not sanitized here, unlike
  // the author text — confirm the consumer escapes them before rendering.
  widgetConfig.authorURL = attribs.href;
  widgetConfig.copyright = attribs["rim:copyright"];
  widgetConfig.authorEmail = attribs.email;
}
/**
 * Copy the author information from `data` onto `widgetConfig`.
 *
 * `data.author` is either a bare string or an object with its text under "#"
 * and its attributes under "@" (href, rim:copyright, email). The text forms go
 * through sanitize().trim(); the attribute values are copied verbatim.
 *
 * @param {object} data - input record; only data.author is read
 * @param {object} widgetConfig - mutated in place: author, authorURL, copyright, authorEmail
 */
function processAuthorData(data, widgetConfig) {
  const author = data.author;
  if (!author) {
    return;
  }
  const attribs = author["@"];
  if (!attribs && typeof author === "string") {
    // only a real string is sanitized; an empty object {} is left alone
    widgetConfig.author = sanitize(author).trim();
  } else if (author["#"]) {
    widgetConfig.author = sanitize(author["#"]).trim();
  }
  if (!attribs) {
    return;
  }
  // NOTE(review): href, rim:copyright and email are not sanitized here, unlike
  // the author text — confirm the consumer escapes them before rendering.
  widgetConfig.authorURL = attribs.href;
  widgetConfig.copyright = attribs["rim:copyright"];
  widgetConfig.authorEmail = attribs.email;
}
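// Catch-all 404 handler for requests no earlier route claimed.
// The request URL is echoed back in the message, so it is passed through
// sanitize().xss() first; the JSON branch additionally relies on
// JSON.stringify for escaping. The message always says "GET" regardless of
// the actual method (pre-existing behaviour, kept as-is).
app.use(function (req, res, next) {
  const msg = 'Cannot GET ' + sanitize(req.url).xss();
  const accept = (req.headers || {}).accept || '';
  // Was `accept.search('json') > 0`, which missed a match at index 0;
  // includes() covers every position.
  if (accept.includes('json')) {
    res.writeHead(404, {
      'content-type': 'application/json'
    });
    res.write(JSON.stringify({ error: msg }));
    res.end();
    return;
  }
  res.writeHead(404, {
    'content-type': 'text/plain'
  });
  res.write(msg);
  res.end();
});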
/**
 * Handler that creates a limitation entry for a gift via Limitation.add.
 *
 * Requires a logged-in session (otherwise redirects to /login). The body
 * fields giftId and limitNum must be non-empty; both are trimmed and passed
 * through xss() before being stored. A failed check answers with
 * STATUS_INVAILD_PARAMS (the project's own constant name); a storage error
 * answers with that error's statusCode, success with STATUS_OK.
 *
 * @param {object} req - request; reads req.session.user and req.body
 * @param {object} res - response; always ends with send() or redirect()
 * @param {Function} next - unused
 */
exports.insertion = function (req, res, next) {
  debugCtrller("/controllers/limit/insertion");
  const sessionUser = req.session && req.session.user;
  if (!sessionUser) {
    return res.redirect("/login");
  }
  const body = req.body;
  // trim, then strip script content — same two-step sanitation as the other controllers
  const clean = function (value) {
    return sanitize(sanitize(value).trim()).xss();
  };
  let limitInfo = {};
  try {
    check(body.giftId).notEmpty();
    check(body.limitNum).notEmpty();
    limitInfo = {
      giftId: clean(body.giftId),
      limitNum: clean(body.limitNum)
    };
  } catch (e) {
    return res.send(resUtil.generateRes(null, config.statusCode.STATUS_INVAILD_PARAMS));
  }
  // NOTE(review): limitNum is only checked for non-emptiness, not that it is
  // numeric — confirm Limitation.add validates it before use.
  Limitation.add(limitInfo, function (err, rows) {
    if (err) {
      return res.send(resUtil.generateRes(null, err.statusCode));
    }
    return res.send(resUtil.generateRes(null, config.statusCode.STATUS_OK));
  });
};