Comparing version 1.0.3 to 1.0.4
@@ -12,7 +12,8 @@ 'use strict'; | ||
| plugin.whiteRegex = new RegExp(/^[\s\f\n\r\t\u1680\u180e\u2000\u2001\u2002\u2003\u2004\u2005\u2006\u2007\u2008\u2009\u200a\u2028\u2029\u202f\u205f\u3000\ufeff\x09\x0a\x0b\x0c\x0d\x20\xa0]+$/); | ||
| plugin.whiteRegex = new RegExp( | ||
| /^[\s\f\n\r\t\u1680\u180e\u2000\u2001\u2002\u2003\u2004\u2005\u2006\u2007\u2008\u2009\u200a\u2028\u2029\u202f\u205f\u3000\ufeff\x09\x0a\x0b\x0c\x0d\x20\xa0]+$/ | ||
| ); | ||
| // Sanitize using the Caja sanitizer | ||
| plugin.sanitize = (obj) => { | ||
| const keys = Object.keys(obj); | ||
@@ -29,3 +30,2 @@ | ||
| plugin.removeWhitespace = (obj) => { | ||
| const keys = Object.keys(obj); | ||
@@ -44,3 +44,2 @@ | ||
| plugin.removeNonExistent = (obj) => { | ||
| const keys = Object.keys(obj); | ||
@@ -59,3 +58,2 @@ | ||
| plugin.escapeDollarSign = (obj) => { | ||
| const keys = Object.keys(obj); | ||
@@ -74,3 +72,2 @@ | ||
| plugin.removeDollarSign = (obj) => { | ||
| const keys = Object.keys(obj); | ||
@@ -89,3 +86,2 @@ | ||
| plugin.escapeCurlyBracket = (obj) => { | ||
| const keys = Object.keys(obj); | ||
@@ -104,3 +100,2 @@ | ||
| plugin.removeCurlyBracket = (obj) => { | ||
| const keys = Object.keys(obj); | ||
@@ -119,3 +114,2 @@ | ||
| plugin.original = (obj) => { | ||
| return obj; | ||
@@ -125,3 +119,2 @@ }; | ||
| plugin.avert = (obj, options, firstPass, secondPass) => { | ||
| let cleansed = obj; | ||
@@ -132,2 +125,3 @@ if (cleansed && Object.keys(cleansed).length) { | ||
| } | ||
| cleansed = options.genericCustomSanitizer(cleansed); | ||
@@ -138,18 +132,20 @@ cleansed = options[secondPass](cleansed); | ||
| } | ||
| if (options.removeNonExistent) { | ||
| cleansed = plugin.removeNonExistent(cleansed); | ||
| } | ||
| if (options.removeDollarSign) { | ||
| cleansed = plugin.removeDollarSign(cleansed); | ||
| } | ||
| else if (options.escapeDollarSign) { | ||
| } else if (options.escapeDollarSign) { | ||
| cleansed = plugin.escapeDollarSign(cleansed); | ||
| } | ||
| if (options.removeCurlyBracket) { | ||
| cleansed = plugin.removeCurlyBracket(cleansed); | ||
| } | ||
| else if (options.escapeCurlyBracket) { | ||
| } else if (options.escapeCurlyBracket) { | ||
| cleansed = plugin.escapeCurlyBracket(cleansed); | ||
| } | ||
| } | ||
| return cleansed; | ||
@@ -159,3 +155,2 @@ }; | ||
| plugin.schema = Joi.object().keys({ | ||
| // boolean parameters | ||
@@ -181,3 +176,2 @@ removeWhitespace: Joi.boolean().optional(), | ||
| plugin.defaults = { | ||
| // boolean parameters | ||
@@ -204,7 +198,5 @@ removeWhitespace: false, | ||
| plugin.register = async (server, options) => { | ||
| try { | ||
| await plugin.schema.validate(options); | ||
| } | ||
| catch (err) { | ||
| } catch (err) { | ||
| return err; | ||
@@ -216,3 +208,2 @@ } | ||
| server.ext('onPostAuth', (request, h) => { | ||
| if (request.route.settings.plugins.avert === false) { | ||
@@ -222,9 +213,30 @@ return h.continue; | ||
| if (request.payload || Object.keys(request.params).length || Object.keys(request.query).length) { | ||
| if ( | ||
| request.payload || | ||
| Object.keys(request.params).length || | ||
| Object.keys(request.query).length | ||
| ) { | ||
| request.route.settings.plugins._avert = Hoek.applyToDefaults( | ||
| serverSettings, | ||
| request.route.settings.plugins.avert || {} | ||
| ); | ||
| request.route.settings.plugins._avert = Hoek.applyToDefaults(serverSettings, request.route.settings.plugins.avert || {}); | ||
| request.query = plugin.avert(request.query, request.route.settings.plugins._avert, 'avertQuery', 'queryCustomSanitizer'); | ||
| request.params = plugin.avert(request.params, request.route.settings.plugins._avert, 'avertParams', 'paramCustomSanitizer'); | ||
| request.payload = plugin.avert(request.payload, request.route.settings.plugins._avert, 'avertPayload', 'payloadCustomSanitizer'); | ||
| request.query = plugin.avert( | ||
| request.query, | ||
| request.route.settings.plugins._avert, | ||
| 'avertQuery', | ||
| 'queryCustomSanitizer' | ||
| ); | ||
| request.params = plugin.avert( | ||
| request.params, | ||
| request.route.settings.plugins._avert, | ||
| 'avertParams', | ||
| 'paramCustomSanitizer' | ||
| ); | ||
| request.payload = plugin.avert( | ||
| request.payload, | ||
| request.route.settings.plugins._avert, | ||
| 'avertPayload', | ||
| 'payloadCustomSanitizer' | ||
| ); | ||
| } | ||
@@ -239,4 +251,4 @@ | ||
| name: 'avert', | ||
| version: '1.0.0', | ||
| pkg : plugin.package | ||
| version: '1.0.4', | ||
| pkg: plugin.package | ||
| }; |
100
package.json
| { | ||
| "name": "avert", | ||
| "version": "1.0.3", | ||
| "description": "HapiJS request sanitizer.", | ||
| "main": "lib/index.js", | ||
| "directories": { | ||
| "lib": "lib" | ||
| }, | ||
| "engines": { | ||
| "node": "8.9.3" | ||
| }, | ||
| "scripts": { | ||
| "test": "lab -c -v -L -a code", | ||
| "cover": "lab -c -v -L -a code", | ||
| "start": "node lib/index.js" | ||
| }, | ||
| "dependencies": { | ||
| "hoek": "^6.1.2", | ||
| "joi": "^14.3.1", | ||
| "lodash": "^4.17.11", | ||
| "sanitizer": "^0.1.3" | ||
| }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git+https://github.com/asabzposh/avert.git" | ||
| }, | ||
| "keywords": [ | ||
| "hapi", | ||
| "request", | ||
| "sanitizer" | ||
| ], | ||
| "author": "Areeb Sabzposh", | ||
| "license": "MIT", | ||
| "bugs": { | ||
| "url": "https://github.com/asabzposh/avert/issues" | ||
| }, | ||
| "homepage": "https://github.com/asabzposh/avert#readme", | ||
| "devDependencies": { | ||
| "blipp": "^3.1.2", | ||
| "boom": "^7.3.0", | ||
| "code": "^5.2.4", | ||
| "coveralls": "^3.0.2", | ||
| "hapi": "^18.0.0", | ||
| "istanbul": "^0.4.5", | ||
| "lab": "^18.0.1" | ||
| } | ||
| "name": "avert", | ||
| "version": "1.0.4", | ||
| "description": "HapiJS request sanitizer.", | ||
| "main": "lib/index.js", | ||
| "directories": { | ||
| "lib": "lib" | ||
| }, | ||
| "engines": { | ||
| "node": "8.9.3" | ||
| }, | ||
| "scripts": { | ||
| "cover": "lab -c -v -L -a code", | ||
| "prettier": "prettier --single-quote --write 'lib/*.js'", | ||
| "precommit": "lint-staged", | ||
| "start": "node lib/index.js", | ||
| "test": "lab -c -v -L -a code" | ||
| }, | ||
| "lint-staged": { | ||
| "*.{js,json,css,md}": [ | ||
| "prettier --single-quote --write", | ||
| "git add" | ||
| ] | ||
| }, | ||
| "dependencies": { | ||
| "hoek": "^6.1.2", | ||
| "joi": "^14.3.1", | ||
| "lodash": "^4.17.11", | ||
| "sanitizer": "^0.1.3" | ||
| }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git+https://github.com/asabzposh/avert.git" | ||
| }, | ||
| "keywords": [ | ||
| "hapi", | ||
| "request", | ||
| "sanitizer" | ||
| ], | ||
| "author": "Areeb Sabzposh", | ||
| "license": "MIT", | ||
| "bugs": { | ||
| "url": "https://github.com/asabzposh/avert/issues" | ||
| }, | ||
| "homepage": "https://github.com/asabzposh/avert#readme", | ||
| "devDependencies": { | ||
| "blipp": "^3.1.2", | ||
| "boom": "^7.3.0", | ||
| "code": "^5.2.4", | ||
| "coveralls": "^3.0.2", | ||
| "eslint-config-prettier": "^4.0.0", | ||
| "eslint-plugin-prettier": "^3.0.1", | ||
| "hapi": "^18.0.0", | ||
| "lab": "^18.0.1", | ||
| "prettier": "^1.16.4" | ||
| } | ||
| } |
No alert changes
Improved metrics
- Lines of code
- increased by12.21%
193
Worsened metrics
- Total package byte prevSize
- decreased by-7.42%
117718
- Dev dependency count
- increased by28.57%
9
- Number of package files
- decreased by-20%
4
No dependency changes