Web forms present a security vulnerability on websites where hackers can potentially interact with a database. A seemingly harmless form field or URL parameter can be a place for hackers to inject malicious code into a server.

One method of preventing SQL injection is to sanitize inputs. Input sanitization is a cybersecurity measure of checking, cleaning, and filtering data inputs before using them.

validator.js is a library of string validators and sanitizers that can be used server-side with Node.js. validator.js can be used to validate forms and sanitize inputs before using a form value in the application code.

Note that there is a package named express-validator that wraps validator.js functions for use in Express applications.

In the next exercises, we’ll differentiate between input validation and input cleaning. We’ll apply these techniques to a simple web app.
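The difference between validating and cleaning, as an added example that is not part of the original lesson: the helpers below are hand-written stand-ins so the code runs without installing anything, and processSignup with its field names is hypothetical. In validator.js the same roles are filled by functions such as isEmail(), isInt(), trim() and escape().

```javascript
// Added example: hand-written stand-ins, not validator.js itself.
// Validation answers "is this value acceptable?" and rejects it if not.
// Sanitization transforms a value so it is safe for one output context.

// Validators: return true/false and never modify the input.
const isSimpleEmail = (s) => /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(s); // deliberately simple
const isIntInRange = (s, min, max) =>
  /^-?\d+$/.test(s) && Number(s) >= min && Number(s) <= max;

// Sanitizer: HTML-escape a string that will later be displayed in a page.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);

// Hypothetical form handler: validate first, then sanitize what is kept.
function processSignup(form) {
  const errors = [];
  const email = String(form.email ?? '').trim();
  const age = String(form.age ?? '').trim();
  const comment = String(form.comment ?? '').trim();

  if (!isSimpleEmail(email)) errors.push('email');
  if (!isIntInRange(age, 13, 120)) errors.push('age');
  if (comment.length > 200) errors.push('comment');
  if (errors.length > 0) return { ok: false, errors }; // reject, do not "repair"

  return {
    ok: true,
    values: { email, age: Number(age), comment: escapeHtml(comment) },
  };
}

// Constructed sample submissions.
const good = processSignup({ email: ' ana@example.com ', age: '34', comment: '<b>hi</b> & bye' });
const bad = processSignup({ email: "x' OR '1'='1", age: '34; DROP TABLE users', comment: 'ok' });
console.log(good); // accepted: age becomes a number, comment is HTML-escaped
console.log(bad);  // rejected: the email and age fields fail validation
```

Values that pass these checks should still reach the database as bound query parameters rather than being concatenated into SQL text.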



In app.js, use the require() function to include the validator package and store it in a variable named validator.
