node防xss攻击插件 

var xss = require('node-xss').clean;
router.post("/orders/insert-orders", function (req, res) {
    //对请求体做xss过滤
    var data = xss(req.body);
    var url = urlMap.englishlistenspeakserver + '/orders/insert-orders';
    var options = {
        url: url,
        method: 'POST',
        json: true,
        qs: data
    };
    request(options, function (error, response, body) {
        res.send(body);
    })
});

 

posted @ 2018-01-08 14:57  罗知晏  阅读(4204)  评论(0编辑  收藏  举报