What exactly does the express-validator escape() sanitizer? Can't understand. For example:
check('name') .trim() .escape() .notEmpty() .withMessage('User name can not be empty!') .bail() .isLength({ min: 3 }) .withMessage('Minimum 3 characters required!') .bail(), Why there is a need to escape() after trim()?
12 Answers
Thanks to robertklep. Every sanitizer is described here:
Interestingly, it replace <, >, &, ', " and / with HTML entities.
You may refer here: validatorjs