[Backend] Security: Input Sanitization & XSS Prevention

[Folex1275]

Description
Ensure that any user-generated data (like stream descriptions or DAO proposal text) is sanitized before being stored or served.

Tasks

• Implement dompurify or xss library on all POST/PUT endpoints.
• Add SQL injection protection via Prisma’s parameterized queries.

Labels
[Backend] Medium Security

[drips-wave]

This issue has been added to the Stellar Wave Program and is worth 200 Points.

🧑‍💻 Interested in contributing? Apply to work on this issue on Drips Wave, earn points, and receive rewards.

Warning

Only applications submitted via the apply link above will be considered. Please do not apply by commenting on the issue or opening a PR directly.

🤠 Repo maintainers: You can manage this issue's Points and Complexity on your Maintainer Dashboard here. Please keep an eye on applications and respond quickly 💙

ℹ️ Learn more about Drips Wave

[Chucks1093]

@Chucks1093 has applied to work on this issue as part of the Stellar Wave Program's 2nd wave.

I can easily implement this using helmet js. Please give me an opportunity to work on your repo.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Chucks1093 to this issue.

[Emmanuelluxury]

@Emmanuelluxury has applied to work on this issue as part of the Stellar Wave Program's 2nd wave.

I’d like to work on this issue because it sits at the intersection of system design, financial logic, and secure contract architecture — areas I actively specialize in and enjoy building within. The problem requires careful handling of state transitions, precision math, and security constraints, which makes it both technically meaningful and impactful to the overall reliability of the protocol.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Emmanuelluxury to this issue.

[olathedev]

@olathedev has applied to work on this issue as part of the Stellar Wave Program's 2nd wave.

Hi Maintainer, i would love to work on this issue

ℹ️ Repo Maintainers: To accept this application, review their application or assign @olathedev to this issue.

[Solomonsolomonsolomon]

@Solomonsolomonsolomon has applied to work on this issue as part of the Stellar Wave Program's 2nd wave.

hi , id like to work on this

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Solomonsolomonsolomon to this issue.

[drips-wave]

Congratulations, @Solomonsolomonsolomon! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on February 26, 2026.

🧑‍💻 @Solomonsolomonsolomon: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are issued when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊