XSS filter only works in query strings

- [x] Used appropriate template for the issue type
- [x] Searched both open and closed issues for duplicates of this issue
- [x] Title adequately and _concisely_ reflects the feature or the bug

# Bug Report

## Restify Version 4.1.1

## Node.js Version 4.9.1

## Expected behaviour

> xss filter works to clean scripts

## Actual behaviour

> xss filter only works to clean scripts in query strings

## Repro case

use postman to send REST requests, and compare responses

> GET https://testhost/xss?<script>alert(73541);</script>
>> {
    "code": "ResourceNotFound",
    "message": "/xss does not exist"
}

> GET https://testhost/xss/<script>alert(73541);</script>
>> {
    "code": "ResourceNotFound",
    "message": "/xss/%3Cscript%3Ealert(73541);%3C/script%3E does not exist"
}

## Cause

> Insufficient development on previous fixes on #1031 #1032 to #1018 

## Are you willing and able to fix this?

> Yes. I would like to investigate for a sulotion, but I'll be appreciated if someone can have a quickier fix.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

XSS filter only works in query strings #1734

Bug Report

Restify Version 4.1.1

Node.js Version 4.9.1

Expected behaviour

Actual behaviour

Repro case

Cause

Are you willing and able to fix this?

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

XSS filter only works in query strings #1734

Description

Bug Report

Restify Version 4.1.1

Node.js Version 4.9.1

Expected behaviour

Actual behaviour

Repro case

Cause

Are you willing and able to fix this?

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions