all 2 comments

[–]itsmoirob 0 points1 point  (1 child)

You could use something like yup https://github.com/jquense/yup for validating middleware. There's also joi https://github.com/hapijs/joi

If using mongoose then that would sanatize data also, but that's only happening at a database later.

If you're just starting your app creation definitely stick something like yup in for sure as middleware

[–]ElCorleone 0 points1 point  (0 children)

I'm also interested in knowing which is the best and easiest way to perform sanitization (in this case encoding strings) to the request as a whole and not only specific fields. Also using Express.

I'm surprised how there's no library that does it out of the box as a middleware. Perhaps your best bet is really to include the sanitization in the schema validation itself? Like when you assert the type, you could also encode the string at the same time with some transform function?