Bluebase - Enable sanitization for Pocketbase #215
jackyscript
started this conversation in
Show and tell
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Hello community,
I wanted to tell you, bluemonday helped me a great deal to enable sanitization when using Pocketbase. I created a small PoC project for that purpose.
If you do not know, I can tell you Pocketbase is a great tool for many use cases, essentially it is a database in one file with many common features required for webapps built-in.
That being said, I had the necessity to sanitize user input prior to persisting that into the database and unfortunately this is not currently supported in Pocketbase: You can use JS to extend the functionality and I tried to incorpate commonly known libraries for sanitizing input on the server such as DOMPurify and sanitize-html. But they cannot be used with Pocketbase, as the JS backend in Pocketbase is not a node.js environment, instead it uses goja and those libraries make use of node.js specific API.
Thanks to the possibility to extend Pocketbase with custom Go code however, I could use bluemonday to sanitize user input nonetheless. It is also possible to "provide" this functionality to the JS extension, so that users that are writing custom Pocketbase extensions in JS can use bluemonday functionality, which is quite fascinating I think.
I wanted to let you know of that, as I think this is a good example for solving a real world problem.
Thank you for your time, any feedback and questions are greatly appreciated!
Cheers,
Jacky
Beta Was this translation helpful? Give feedback.
All reactions