100NikhilBro
Contributor

Security Improvement Suggestion #57

Suggestion:
Implement sanitize-html middleware to clean user inputs.

Why?

  • Prevents XSS (Cross-Site Scripting) attacks by sanitizing HTML inputs.
  • Ensures only safe HTML tags and attributes are allowed.

Implementation Details:

  • Created a central sanitizeMiddleware.js.
  • Middleware sanitizes req.body, req.params, and req.query.
  • Integrated middleware globally in server.js before routes.

Testing / Usage:

  • All endpoints now sanitize HTML inputs automatically.
  • Tested with nested objects and arrays to ensure complete sanitization.
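
Added example, not code from this pull request: a sketch of the kind of recursive request sanitizer the description outlines, covering nested objects and arrays in req.body, req.params and req.query. The `escapeHtml` cleaner is a dependency-free stand-in for the sanitize-html function, and `deepSanitize`, `makeSanitizeMiddleware`, `MAX_DEPTH` and the sample request are assumed names and values.

```javascript
// Stand-in cleaner (assumption): escapes HTML metacharacters so the block runs
// without dependencies; the PR uses the sanitize-html package instead.
const ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => ESCAPES[c]);

const MAX_DEPTH = 20; // constructed limit that bounds recursion on hostile nesting

// Only arrays and plain objects are walked; Buffers, Dates etc. pass through.
function isPlainObject(v) {
  const proto = Object.getPrototypeOf(v);
  return proto === Object.prototype || proto === null;
}

// Returns the cleaned value. Arrays and plain objects are cleaned in place.
function deepSanitize(value, clean, depth = 0) {
  if (typeof value === 'string') return clean(value);
  if (value === null || typeof value !== 'object') return value; // numbers, booleans
  if (!Array.isArray(value) && !isPlainObject(value)) return value;
  if (depth >= MAX_DEPTH) throw new RangeError('input nested too deeply');
  for (const key of Object.keys(value)) {
    value[key] = deepSanitize(value[key], clean, depth + 1);
  }
  return value;
}

// Express-style middleware factory. Containers are mutated rather than
// reassigned, so it does not depend on req.query being writable.
function makeSanitizeMiddleware(clean = escapeHtml) {
  return function sanitizeMiddleware(req, res, next) {
    try {
      for (const part of ['body', 'params', 'query']) {
        const container = req[part];
        if (container && typeof container === 'object') deepSanitize(container, clean);
      }
      next();
    } catch (err) {
      next(err); // hand the failure to the app's error handler
    }
  };
}

// Constructed sample request, for illustration only.
function demo() {
  const req = {
    body: { note: '<script>alert(1)</script>', tags: ['<b>x</b>', 7], meta: { who: 'a&b' } },
    params: { id: '42' },
    query: { q: '"><img src=x>' },
  };
  let error;
  makeSanitizeMiddleware()(req, {}, (e) => { error = e; });
  return { req, error };
}
```

Non-string values such as the number in `tags` are left unchanged, and input nested deeper than `MAX_DEPTH` is passed to `next` as an error instead of being partially cleaned.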


netlify bot commented Oct 8, 2025

Deploy Preview for paisable ready!

Name Link
🔨 Latest commit 609b49f
🔍 Latest deploy log https://app.netlify.com/projects/paisable/deploys/68e7d7f5c792eb0008d08740
😎 Deploy Preview https://deploy-preview-100--paisable.netlify.app
Lighthouse
1 paths audited
Performance: 90
Accessibility: 100
Best Practices: 100
SEO: 91
PWA: 80

@100NikhilBro
Contributor Author

Hi @archa8 @Avdhesh-Varshney,
I’ve made the changes and pushed the PR. Please take a look and let me know if any improvements are needed.

@archa8 archa8 linked an issue Oct 8, 2025 that may be closed by this pull request
Member

@Avdhesh-Varshney Avdhesh-Varshney left a comment

LGTM 👍

@100NikhilBro
Contributor Author

Hi @Avdhesh-Varshney @archa8 👋, just checking — is the PR ready to be merged, or do you need any updates from my side? I noticed it’s approved but not yet merged, so just wanted to confirm if there’s any issue with the code. 😊

Member

@archa8 archa8 left a comment

LGTM!

@archa8
Member

archa8 commented Oct 9, 2025

Hey @100NikhilBro, actually your PR branch is behind the base (master) branch. Please update your branch with the latest master so we can merge.

@100NikhilBro
Contributor Author

Hi @archa8 I’ve synced my branch with the latest master. Please verify once and proceed with the merge when convenient.

@archa8 archa8 merged commit 7492748 into Code-A2Z:master Oct 9, 2025
4 checks passed
@archa8
Member

archa8 commented Oct 9, 2025

Merged! Thank you for your contribution @100NikhilBro.

Development

Successfully merging this pull request may close these issues.

enhancement: Security Improvement Suggestion for HTML inputs

3 participants