Check out Amazon Advertising for Humans. Now publicly available ๐Ÿš€

Frosty CMS: Sanitizing Inputs ๐Ÿงผ



Continuing our series on Frosty CMS, where we are building a blog CMS from scratch. We have completed all of our basic CRUD operations. Now letโ€™s work on sanitizing our inputs so that we can allow users to input HTML without doing anything malicious.


To accomplish this we will be using the package express-sanitizer. We follow the installation instructions on the NPM page. The we just have to intercept the data being sent to our routes and run it through the sanitizer first to remove any scripts.

// new post"/blogs", function(req, res){
    // sanitize inputs = req.sanitize(; = req.sanitize(; = req.sanitize(;
    // get data from form and add to blogs array
    Blog.create(, function(err, newDatabaseRecord){
            console.log("Failed to write post to database.");
        } else {
            console.log("Blog successfully saved to database.");
            // redirect back to blogs page

Then you have to repeat that code on all the routes where the user is sending data. For example you must also include this in the edit blog route.

GitHub Repo

Ncoughlin: Frosty

Amazon Ad Analytics For Humans

Advertising reports automatically saved and displayed beautifully for powerful insights.
portfolios page sunburst chart