lukeed / polka

A micro web server so fast, it'll make you dance! :dancers:
MIT License
5.39k stars, 172 forks

XSS in polka #138

Closed longlvt closed 4 years ago

longlvt commented 4 years ago

I just posted here to ask if anyone knows how to implement XSS prevention within polka. Thanks.

lukeed commented 4 years ago

It's like any other Node.js app - Polka is no different since it's effectively a router.

It's up to you to sanitize incoming request bodies, on top of managing other security concerns.

Again, Polka makes no effort to handle any of this for you, but will work alongside any tools and solutions you want to bring with you. This is a good place to start: https://expressjs.com/en/advanced/best-practice-security.html

Hope that helps 👍
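An added example, not part of the thread and not Polka's own code: one common way to handle XSS in an app routed by Polka is to escape untrusted values at the point they are written into HTML and to send a restrictive Content-Security-Policy from a middleware. The names `escapeHtml`, `securityHeaders`, `greet` and `render`, the `/greet` route and the sample inputs are assumptions made for the illustration.

```javascript
// Added example; escapeHtml, securityHeaders, greet and render are hypothetical names.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can break out of HTML text or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Middleware with the (req, res, next) signature that Polka's .use() accepts.
function securityHeaders(req, res, next) {
  res.setHeader('Content-Security-Policy',
    "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'");
  res.setHeader('X-Content-Type-Options', 'nosniff');
  next();
}

// Route handler: reflects a query parameter only after escaping it.
function greet(req, res) {
  const raw = req.query && req.query.name;
  // A repeated parameter (?name=a&name=b) arrives as an array; take the first value.
  const name = Array.isArray(raw) ? raw[0] : raw;
  res.setHeader('Content-Type', 'text/html; charset=utf-8');
  res.end(`<!doctype html><p>Hello, ${escapeHtml(name === undefined ? 'guest' : name)}</p>`);
}

// Wiring (needs the polka package, so it is left as a comment here):
//   const polka = require('polka');
//   polka().use(securityHeaders).get('/greet', greet).listen(3000);

// Constructed request/response stand-ins so the chain can be exercised offline.
function render(query) {
  const headers = {};
  let body = '';
  const res = {
    setHeader: (key, val) => { headers[key.toLowerCase()] = val; },
    end: (chunk) => { body = chunk; },
  };
  const req = { query };
  securityHeaders(req, res, () => greet(req, res));
  return { headers, body };
}

// Constructed input: markup in the parameter comes back as inert text.
console.log(render({ name: '<script>alert("x")</script>' }).body);
```

Escaping is context-specific: this encoder covers HTML text and quoted attribute values, not values placed inside inline scripts, URLs or CSS.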