express-form
Advanced tools
express-form - npm Package Compare versions
Comparing version 0.11.0 to 0.11.1
| # express-form changelog | ||
| ## v0.11.1 (2013/04/09) | ||
| * tighten up newly-added `isEmail()` regex | ||
| ## v0.11.0 (2014/03/03) | ||
@@ -4,0 +7,0 @@ * simplify isEmail() regex (only checks for `@`); fixes ReDos vuln. |
@@ -17,3 +17,3 @@ var validator = require("validator") | ||
| this.__required = false; | ||
| this.add = function(func) { | ||
@@ -23,3 +23,3 @@ stack.push(func); | ||
| }; | ||
| this.array = function() { | ||
@@ -29,3 +29,3 @@ isArray = true; | ||
| }; | ||
| this.run = function (source, form, options, cb) { | ||
@@ -35,3 +35,3 @@ var self = this | ||
| , value = utils.getProp(property, form) || utils.getProp(property, source); | ||
| if (options.autoTrim) { | ||
@@ -45,7 +45,7 @@ stack.unshift(function (value) { | ||
| } | ||
| function runStack(foo, cb) { | ||
| async.eachSeries(stack, function(proc, cb) { | ||
| if (proc.length == 3) { | ||
@@ -58,3 +58,3 @@ // run the async validator/filter | ||
| } | ||
| // filters return values | ||
@@ -64,8 +64,8 @@ if (result != null) { | ||
| } | ||
| cb(null); | ||
| }); | ||
| } | ||
| // run the sync validator/filter | ||
@@ -77,3 +77,3 @@ var result = proc(foo, source); | ||
| if (!utils.hasValue(value) && !self.__required) return cb(null); | ||
| errors.push(result.error.replace("%s", fieldLabel)); | ||
@@ -84,3 +84,3 @@ return cb(null); | ||
| cb(null); | ||
| }, function(err) { | ||
@@ -90,3 +90,3 @@ cb(null, foo); | ||
| } | ||
| if (isArray) { | ||
@@ -99,4 +99,4 @@ if (!utils.hasValue(value)) value = []; | ||
| }); | ||
| } else { | ||
@@ -133,3 +133,3 @@ if (Array.isArray(value)) value = value[0]; | ||
| Field.prototype.custom = function(func, message) { | ||
| // custom function is async | ||
@@ -140,6 +140,6 @@ if (func.length == 3) { | ||
| if (err) return cb(new Error(message || err.message || "%s is invalid")); | ||
| // functions that return values are filters | ||
| if (result != null) return cb(null, result); | ||
| // value passed validator | ||
@@ -150,6 +150,6 @@ cb(null, null); | ||
| } | ||
| // custom function is sync | ||
| return this.add(function (value, source) { | ||
| try { | ||
@@ -162,6 +162,6 @@ var result = func(value, source); | ||
| if (result != null) return result; | ||
| // value passed validator | ||
| return { valid: true }; | ||
| }); | ||
@@ -174,3 +174,3 @@ }; | ||
| if (name.match(/^ifNull$/)) return; | ||
| Field.prototype[name] = function () { | ||
@@ -212,9 +212,9 @@ var args = arguments; | ||
| } | ||
| if (length <= 3) return "..."; | ||
| if (value.length > length - 3) { | ||
| return value.substr(0,length - 3) + "..."; | ||
| } | ||
| return value; | ||
@@ -290,3 +290,3 @@ }); | ||
| } | ||
| return this.add(function (value, source) { | ||
@@ -331,3 +331,3 @@ // If other is a field token (field::fieldname), grab the value of fieldname | ||
| return this.add(function (value) { | ||
| if (typeof value != 'string' || !(/\S+@\S+/).test(value)) { | ||
| if (typeof value != 'string' || !(/^[\-0-9a-zA-Z\.\+_]+@[\-0-9a-zA-Z\.\+_]+\.[a-zA-Z]{2,4}$/).test(value)) { | ||
| return { error: message || "%s is not an email address" }; | ||
@@ -355,3 +355,3 @@ } | ||
| // regex("pattern", "modifiers", "message") | ||
| if (pattern instanceof RegExp) { | ||
@@ -364,3 +364,3 @@ if (object.isString(modifiers) && modifiers.match(/^[gimy]+$/)) { | ||
| modifiers = undefined; | ||
| } else if (object.isString(pattern)) { | ||
@@ -374,3 +374,3 @@ if (arguments.length == 2 && !modifiers.match(/^[gimy]+$/)) { | ||
| } | ||
| return this.add(function (value) { | ||
@@ -396,6 +396,6 @@ if (pattern.test(value) === false) { | ||
| } | ||
| message = modifiers; | ||
| modifiers = undefined; | ||
| } else if (object.isString(pattern)) { | ||
@@ -439,3 +439,3 @@ if (arguments.length == 2 && !modifiers.match(/^[gimy]+$/)) { | ||
| return this.add(function(value) { | ||
| if (value.toString().length > length) { | ||
| if (value.toString().length > length) { | ||
| return { error: message || "%s is too long" }; | ||
@@ -442,0 +442,0 @@ } |
@@ -5,3 +5,3 @@ { | ||
| "description": "Form validation and data filtering for Express", | ||
| "version": "0.11.0", | ||
| "version": "0.11.1", | ||
| "homepage": "http://dandean.github.com/express-form", | ||
@@ -8,0 +8,0 @@ "repository": { |
@@ -35,3 +35,3 @@ var assert = require("assert"), | ||
| assert.equal(request.form.errors.length, 0); | ||
| // Failure. | ||
@@ -53,2 +53,33 @@ var request = { body: { field: "fail" }}; | ||
| assert.equal(request.form.errors.length, 0); | ||
| var validEmails = [ | ||
| "user@host.com", | ||
| "user@host.info", | ||
| "user@host.co.uk", | ||
| "user+service@host.co.uk", | ||
| "user-ok.yes+tag@host.k12.mi.us", | ||
| "FirstNameLastName2000@hotmail.com" | ||
| ]; | ||
| for (var i in validEmails) { | ||
| var request = { body: { field: validEmails[i] }}; | ||
| form(validate("field").isEmail())(request, {}); | ||
| assert.equal(request.form.errors.length, 0, 'failed to validate email: ' + validEmails[i]); | ||
| } | ||
| var badEmails = [ | ||
| "dontvalidateme", | ||
| "nope@", | ||
| "someUser", | ||
| "<script@host.com", | ||
| "userawesome*@host.com", | ||
| "userawesom@ok.com?&vl=1" | ||
| ]; | ||
| for (var i in badEmails) { | ||
| var request = { body: { field: badEmails[i] }}; | ||
| form(validate("field").isEmail())(request, {}); | ||
| assert.equal(request.form.errors.length, 1, 'should not validate email: ' + badEmails[i]); | ||
| } | ||
| }, | ||
@@ -475,3 +506,3 @@ | ||
| }, | ||
| 'validation : isString()': function() { | ||
@@ -524,3 +555,3 @@ var request = { body: { username: 'adasds@example.com', password: { 'somevalue': '1' } }}; | ||
| assert.equal(request.form.errors.length, 0); | ||
| // Non-required fields with no value should not trigger errors | ||
@@ -568,3 +599,3 @@ // Success | ||
| assert.equal(request.form.errors[0], "Radical field"); | ||
| // Success | ||
@@ -586,3 +617,3 @@ request = { body: { field: "value" }}; | ||
| }, | ||
| "validation: custom : async": function(done) { | ||
@@ -596,3 +627,3 @@ var request = { body: { field1: "value1", field2: "value2" }}; | ||
| }; | ||
| form(validate("field1").custom(function(value, source, callback) { | ||
@@ -605,3 +636,3 @@ process.nextTick(function() { | ||
| }, | ||
| "validation : custom : async : success": function(done) { | ||
@@ -624,3 +655,3 @@ var request = { body: { field1: "value1", field2: "value2" }}; | ||
| }, | ||
| "validation : custom : async : chaining": function(done) { | ||
@@ -637,3 +668,3 @@ var request = { body: { field1: "value1", field2: "value2" }}; | ||
| }; | ||
| form(validate("field1") | ||
@@ -657,3 +688,3 @@ .custom(function(value, source, callback) { | ||
| }, | ||
| "validation : custom : async : multiple fields": function(done) { | ||
@@ -687,3 +718,3 @@ var request = { body: { field1: "value1", field2: "value2" }}; | ||
| }, | ||
| "validation : request.form property-pollution": function() { | ||
@@ -690,0 +721,0 @@ var request = { body: { }}; |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.04%
78735
- Lines of code
- increased by1.51%
1750