An ESAPI(Enterprise Security API) plugin for egg.js
$ npm i egg-esapi --save
// {app_root}/config/plugin.js
exports.esapi = {
enable: true,
package: 'egg-esapi',
};
this.app.esapi.encodeForHTML(HTML);
this.app.esapi.encodeForCSS(CSS);
this.app.esapi.encodeForJavaScript(JavaScript);
this.app.esapi.encodeForURL(URL);
this.app.esapi.encodeForHTMLAttribute(HTMLAttribute);
this.app.esapi.encodeForBase64(Base64);
// or use in context
this.ctx.esapi.encodeForHTML(HTML);
this.ctx.esapi.encodeForCSS(CSS);
this.ctx.esapi.encodeForJavaScript(JavaScript);
this.ctx.esapi.encodeForURL(URL);
this.ctx.esapi.encodeForHTMLAttribute(HTMLAttribute);
this.ctx.esapi.encodeForBase64(Base64);
Please open an issue here.