include::../description.adoc[]

== Noncompliant Code Example

----
function (req, res) {
  const tainted = req.query.name;

  res.send(tainted); // Noncompliant
};
----

== Compliant Solution

----
import sanitizeHtml from "sanitize-html"; 

function (req, res) {
  const tainted = req.query.name;

  res.send(sanitizeHtml(tainted)); // Noncompliant
};
----

include::../see.adoc[]