ajv-sanitizer

String sanitization with JSON-Schema using Ajv

Usage no npm install needed!

<script type="module">
  import ajvSanitizer from 'https://cdn.skypack.dev/ajv-sanitizer';
</script>

README

ajv-sanitizer

String sanitization with JSON-Schema using Ajv.

npm

It uses the library validator.js under the hood for string sanitizion.

Installation and Usage

Installation

Install the library with npm install ajv-sanitizer

Usage

const Ajv = require('ajv');
const ajvSanitizer = require('ajv-sanitizer');
const assert = require('assert');

const ajv = new Ajv();
ajvSanitizer(ajv);

const schema = {
    type: 'object',
    properties: {
        value: {
            type: 'string',
            sanitize: 'text',
        },
    },
};

// sanitized data must be an object property
const data = {
    value: ' trim & escape string',
};

ajv.validate(schema, data);

assert(data.value === 'trim &amp; escape string');

ES6

import ajvSanitizer from 'ajv-sanitizer';

API

ajvSanitize(ajvInstance, [extraSanitizers])

Returns Ajv instance. It adds a sanitize keyword available for string types.

ajvInstance

Type: Ajv

The ajv instance to add the sanitize keyword.

extraSanitizers

Type: Object

Extend or override defaults sanitizers available in json schema.

Sanitizers

Available sanitizers

Here is a list of the sanitizers currently available :

  • boolean
  • date
  • email
  • escape
  • float
  • int
  • number
  • text (escape then trim)
  • trim

See validator.js sanitizers for details

Custom sanitizer

const schema = {
    type: 'object',
    properties: {
        value: {
            type: 'string',
            // Custom sanitizer
            sanitize: data => `-- ${data} --`,
        },
    },
};

Usage of email sanitization with custom options:

import { normalizeEmail } from 'validator';

const schema = {
    type: 'object',
    properties: {
        value: {
            type: 'string',
            sanitize: email => normalizeEmail(email, { gmail_remove_dots: false }),
        },
    },
};

If you want to sanitize email this way in every schema, use the following option

Extending default sanitizers

Adding a sanitizer or override a default globally :

const Ajv = require('ajv');
const ajvSanitizer = require('ajv-sanitizer');
const { normalizeEmail } = require('validator');

const ajv = new Ajv();

// Define extra sanitizer and override defaults
const extraSanitizers = {
    email: email => normalizeEmail(email, { gmail_remove_dots: false }), // overrides default email sanitizer
    uppercase: text => text.toUpperCase(), // new uppercase sanitizer
};

ajvSanitizer(ajv, extraSanitizers);

const schema = {
    type: 'object',
    properties: {
        email: {
            type: 'string',
            sanitize: 'email',
        },
        lastname: {
            type: 'string',
            sanitize: 'uppercase',
        },
    },
};