Protect Your JavaScript Applications from API Data
Sanitizing API data for your applications
In this article I am going to talk about one of the most important things you can do when developing a client-side application.
You need to sanitize your API data before passing it into your application.
Basically, you need to take the JSON you get from the API and fill in any missing data with default values. The biggest culprit is array data. For security reasons, some APIs won’t return a property if there is no data for that property, which leaves that property undefined in your data. Also, some APIs will return a single object instead of an array if there is only one item, which makes it painful when you expect consistent data types.
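The normalization described above, as an added example (not the author's library or code): a schema lists each expected property with its default, and `arrayOf` marks fields that must always be arrays. The names `sanitize`, `arrayOf`, `userSchema` and the sample responses are assumptions made for this illustration.

```javascript
// Hypothetical helper: marks a field that must always come out as an array.
const arrayOf = (item) => ({ __arrayOf: item });

// Rebuild `value` in the shape of `schema`. Leaf defaults here are strings,
// numbers or booleans; a leaf with the wrong type is replaced by its default.
function sanitize(value, schema) {
  // Array field: missing -> [], single item -> [item], array -> array.
  if (schema && schema.__arrayOf !== undefined) {
    const list = value == null ? [] : Array.isArray(value) ? value : [value];
    return list.map((entry) => sanitize(entry, schema.__arrayOf));
  }
  // Object field: copy only the keys the schema names (design choice of this
  // example: properties the application did not ask for are dropped).
  if (schema !== null && typeof schema === 'object') {
    const isPlainObject =
      value !== null && typeof value === 'object' && !Array.isArray(value);
    const source = isPlainObject ? value : {};
    const out = {};
    for (const key of Object.keys(schema)) {
      out[key] = sanitize(source[key], schema[key]);
    }
    return out;
  }
  // Leaf: keep the API value only when its type matches the default's type.
  return value !== null && typeof value === typeof schema ? value : schema;
}

// Shape the application expects (assumed for this example).
const userSchema = {
  id: 0,
  name: '',
  tags: arrayOf(''),
  addresses: arrayOf({ city: '', zip: '' }),
};

// Constructed sample responses, not taken from a real API.
// 1) The API omitted both array properties because they were empty.
const omitted = JSON.parse('{"id": 7, "name": "Ada"}');
// 2) The API sent single items instead of one-element arrays.
const single = JSON.parse(
  '{"id": 8, "name": "Bob", "tags": "admin", "addresses": {"city": "Oslo"}, "extra": 1}'
);

console.log(sanitize(omitted, userSchema));
console.log(sanitize(single, userSchema));
```

After this step every consumer can call `.map()` or read `.length` on `tags` and `addresses` without checking for `undefined` or for a bare object first.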
I’ve worked with a lot of new and legacy APIs, and I can say that passing raw data from an API directly into your application is a bad idea, so be proactive, not reactive. I’ve created a library to handle these situations. First, let’s see how we can handle this without my library: