If your schemas are received from untrusted sources (or generated from untrusted data) there are several scenarios you need to prevent: It is difficult to predict all the scenarios, but at the very least it may help to limit the size of untrusted schemas (e.g.
limit JSON string length) and also the maximum schema object depth (that can be high for relatively small JSON strings).
There are two modes of format validation: allows changing the default behaviour when an unknown format is encountered.
You can define custom keywords with add Keyword method.
Keywords are defined on the Several custom keywords (typeof, instanceof, range and property Names) are defined in ajv-keywords package - they can be used for your schemas and as a starting point for your own custom keywords. During asynchronous compilation remote references are loaded using supplied function. Example in REPL: https://tonicdev.com/esp/ajv-asynchronous-validation You can define custom formats and keywords that perform validation asynchronously by accessing database or some other service.
See Validation errors You can require Ajv directly from the code you browserify - in this case Ajv will be a part of your bundle.
If you need to use Ajv in several bundles you can create a separate UMD bundle using if no module system is found. Ajv is tested with these browsers: Please note: some frameworks, e.g.