purify - npm Package Compare versions

Comparing version 2.0.0 to 3.0.0

lib/purify.js

 (function (root, factory) {
     if (typeof exports === 'object') {
-        module.exports = factory(require('one-validation'), require('unicoderegexp'));
+        module.exports = factory(require('one-validation'), require('punycode'), require('unicoderegexp'));
     } else if (typeof define === 'function' && define.amd) {
-        define(['one-validation', 'unicoderegexp'], factory);
+        define(['one-validation', 'punycode', 'unicoderegexp'], factory);
     } else {
-        root.purify = factory(root.one.validation, root.unicodeRegExp);
+        root.purify = factory(root.one.validation, root.punycode, root.unicodeRegExp);
     }
-}(this, function (oneValidation, unicodeRegExp) {
+}(this, function (oneValidation, punycode, unicodeRegExp) {
     var purify = {};
@@ -24,4 +24,11 @@
     purify.email = purify.emailAddress = function (rawValue, defaultValue) {
-        if (typeof rawValue === 'string' && oneValidation.email.test(rawValue)) {
-            return rawValue.toLowerCase();
+        // Should return an email with the domain part in its punycoded form regardless of input
+        if (typeof rawValue === 'string' && oneValidation.emailIdn.test(rawValue)) {
+            var fragments = rawValue.toLowerCase().split('@'),
+                encodedDomain = fragments.length === 2 && punycode.toASCII(fragments[1]),
+                encodedEmail = encodedDomain && fragments[0] + '@' + encodedDomain;
+
+            if (typeof encodedEmail === 'string' && oneValidation.email.test(encodedEmail)) {
+                return encodedEmail;
+            }
         }
@@ -32,5 +39,13 @@ return defaultValue;
     purify.emailIdn = purify.emailAddressIdn = function (rawValue, defaultValue) {
+        // Should return an email with the domain part in its non-punycoded form regardless of input
         if (typeof rawValue === 'string' && oneValidation.emailIdn.test(rawValue)) {
-            return rawValue.toLowerCase();
+            var fragments = rawValue.toLowerCase().split('@'),
+                decodedDomain = fragments.length === 2 && punycode.toUnicode(fragments[1]),
+                decodedEmail = decodedDomain && fragments[0] + '@' + decodedDomain;
+
+            if (typeof decodedEmail === 'string' && oneValidation.emailIdn.test(decodedEmail)) {
+                return decodedEmail;
+            }
         }
+
         return defaultValue;
@@ -40,4 +55,8 @@ };
     purify.domain = purify.domainName = function (rawValue, defaultValue) {
-        if (typeof rawValue === 'string' && oneValidation.domain.test(rawValue)) {
-            return rawValue.toLowerCase();
+        // Should return a domain in its punycoded form regardless of input
+        if (typeof rawValue === 'string' && oneValidation.domainIdn.test(rawValue)) {
+            var encoded = punycode.toASCII(rawValue.toLowerCase());
+            if (typeof encoded === 'string' && oneValidation.domain.test(encoded)) {
+                return encoded;
+            }
         }
@@ -48,4 +67,8 @@ return defaultValue;
     purify.domainIdn = purify.domainNameIdn = function (rawValue, defaultValue) {
+        // Should return a domain in its non-punycoded form regardless of input
         if (typeof rawValue === 'string' && oneValidation.domainIdn.test(rawValue)) {
-            return rawValue.toLowerCase();
+            var decoded = punycode.toUnicode(rawValue.toLowerCase());
+            if (typeof decoded === 'string' && oneValidation.domainIdn.test(decoded)) {
+                return decoded;
+            }
         }
@@ -155,3 +178,3 @@ return defaultValue;
     // Visible characters, full Unicode repertoire
-    var nonEmptyVisibleUnicodeRegExp = new RegExp("^" + unicodeRegExp.visible.source + "+$");
+    var nonEmptyVisibleUnicodeRegExp = new RegExp('^' + unicodeRegExp.visible.source + '+$');
     purify.nonEmptyVisibleUnicode = function (rawValue, defaultValue) {
@@ -165,3 +188,3 @@ if (typeof rawValue === 'string' && nonEmptyVisibleUnicodeRegExp.test(rawValue)) {
     // Visible characters, full Unicode repertoire
-    var visibleUnicodeRegExp = new RegExp("^" + unicodeRegExp.visible.source + "*$");
+    var visibleUnicodeRegExp = new RegExp('^' + unicodeRegExp.visible.source + '*$');
     purify.visibleUnicode = function (rawValue, defaultValue) {
@@ -175,3 +198,3 @@ if (typeof rawValue === 'string' && visibleUnicodeRegExp.test(rawValue)) {
     // Visible characters + space, full Unicode repertoire
-    var nonEmptyPrintableUnicodeRegExp = new RegExp("^" + unicodeRegExp.printable.source + "+$");
+    var nonEmptyPrintableUnicodeRegExp = new RegExp('^' + unicodeRegExp.printable.source + '+$');
     purify.nonEmptyPrintableUnicode = function (rawValue, defaultValue) {
@@ -185,3 +208,3 @@ if (typeof rawValue === 'string' && nonEmptyPrintableUnicodeRegExp.test(rawValue)) {
     // Visible characters + space, full Unicode repertoire
-    var printableUnicodeRegExp = new RegExp("^" + unicodeRegExp.printable.source + "*$");
+    var printableUnicodeRegExp = new RegExp('^' + unicodeRegExp.printable.source + '*$');
     purify.printableUnicode = function (rawValue, defaultValue) {
@@ -188,0 +211,0 @@ if (typeof rawValue === 'string' && printableUnicodeRegExp.test(rawValue)) {

package.json

@@ -14,6 +14,8 @@ {
     "prepublish": "make test",
+    "lint": "jshint .",
     "test": "make test",
-    "travis": "npm test"
+    "travis": "npm run lint && NODE_ENV=development ./node_modules/.bin/istanbul cover ./node_modules/mocha/bin/_mocha -- --reporter dot && cat ./coverage/lcov.info | ./node_modules/coveralls/bin/coveralls.js",
+    "coverage": "NODE_ENV=development ./node_modules/.bin/istanbul cover ./node_modules/mocha/bin/_mocha -- --reporter dot"
   },
-  "version": "2.0.0",
+  "version": "3.0.0",
   "engines": {
@@ -24,5 +26,9 @@ "node": ">=0.4.0"
     "one-validation": "=1.1.0",
+    "punycode": "=1.3.0",
     "unicoderegexp": "=0.3.0"
   },
   "devDependencies": {
+    "coveralls": "=2.11.1",
+    "istanbul": "=0.3.0",
+    "jshint": "=2.5.2",
     "mocha": "=1.12.0",
@@ -29,0 +35,0 @@ "unexpected": "=3.0.1"

README.md

@@ -6,4 +6,7 @@ purify
 [![Build Status](https://travis-ci.org/One-com/purify.png?branch=master)](https://travis-ci.org/One-com/purify)
+[![Coverage Status](https://coveralls.io/repos/One-com/purify/badge.png)](https://coveralls.io/r/One-com/purify)
 [![Dependency Status](https://david-dm.org/One-com/purify.png)](https://david-dm.org/One-com/purify)
 
+
+
 ```javascript
@@ -15,4 +18,10 @@ var app = express(),
     var userId = purify.positiveInteger(req.param('userId')),
-        force = purify.positiveInteger(req.param('force'), true);
+        force = purify.boolean(req.param('force'), true);
+
+    if (userId) {
+        // ...
+    } else {
+        res.send(400);
+    }
 });
 ```

test/purify.js

@@ -62,4 +62,13 @@ /*global it, describe*/
         it('should accept valid input', function () {
-            expect('email', 'to allow', 'andreas@centersurf.net');
-            expect('email', 'to allow', 'andreas@centersurf.quuxbar');
+            // Non-IDN domains
+            expect('email', 'to allow', 'andreas@centersurf.net', 'andreas@centersurf.net');
+            expect('email', 'to allow', 'andreas@centersurf.quuxbar', 'andreas@centersurf.quuxbar');
+
+            // Punycode non-punycoded IDN domains
+            expect('email', 'to allow', 'andreas@cæntersurf.net', 'andreas@xn--cntersurf-g3a.net');
+            expect('email', 'to allow', 'andreas@cæntersurf.quuxbar', 'andreas@xn--cntersurf-g3a.quuxbar');
+
+            // Already punycoded IDN domains
+            expect('email', 'to allow', 'andreas@xn--cntersurf-g3a.net', 'andreas@xn--cntersurf-g3a.net');
+            expect('email', 'to allow', 'andreas@xn--cntersurf-g3a.quuxbar', 'andreas@xn--cntersurf-g3a.quuxbar');
         });
@@ -76,10 +85,19 @@
         it('should accept valid input', function () {
-            expect('emailIdn', 'to allow', 'andreas@cæntersurf.net');
-            expect('emailIdn', 'to allow', 'andreas@cæntersurf.quuxbar');
+            // Non-IDN domains
+            expect('emailIdn', 'to allow', 'andreas@centersurf.net', 'andreas@centersurf.net');
+            expect('emailIdn', 'to allow', 'andreas@centersurf.quuxbar', 'andreas@centersurf.quuxbar');
+
+            // Already non-punycoded IDN domains
+            expect('emailIdn', 'to allow', 'andreas@cæntersurf.net', 'andreas@cæntersurf.net');
+            expect('emailIdn', 'to allow', 'andreas@cæntersurf.quuxbar', 'andreas@cæntersurf.quuxbar');
+
+            // Decode punycoded IDN domains
+            expect('emailIdn', 'to allow', 'andreas@xn--cntersurf-g3a.net', 'andreas@cæntersurf.net');
+            expect('emailIdn', 'to allow', 'andreas@xn--cntersurf-g3a.quuxbar', 'andreas@cæntersurf.quuxbar');
         });
 
         it('should reject invalid input', function () {
-            expect('emailIdn', 'not to allow', 'andræas@cæntersurf.quuxbar');
             expect('emailIdn', 'not to allow', '');
             expect('emailIdn', 'not to allow', '\x00andreas@cæntersurf.net');
+            expect('emailIdn', 'not to allow', 'andræas@cæntersurf.quuxbar');
         });
@@ -90,4 +108,13 @@ });
         it('should accept valid input', function () {
-            expect('domain', 'to allow', 'centersurf.net');
-            expect('domain', 'to allow', 'centersurf.quuxbar');
+            // Non-IDN domains
+            expect('domain', 'to allow', 'centersurf.net', 'centersurf.net');
+            expect('domain', 'to allow', 'centersurf.quuxbar', 'centersurf.quuxbar');
+
+            // Punycode non-punycoded IDN domains
+            expect('domain', 'to allow', 'cæntersurf.net', 'xn--cntersurf-g3a.net');
+            expect('domain', 'to allow', 'cæntersurf.quuxbar', 'xn--cntersurf-g3a.quuxbar');
+
+            // Already punycoded IDN domains
+            expect('domain', 'to allow', 'xn--cntersurf-g3a.net', 'xn--cntersurf-g3a.net');
+            expect('domain', 'to allow', 'xn--cntersurf-g3a.quuxbar', 'xn--cntersurf-g3a.quuxbar');
         });
@@ -104,5 +131,13 @@
         it('should accept valid input', function () {
-            expect('domainIdn', 'to allow', 'cæntersurf.net');
-            expect('domainIdn', 'to allow', 'centersurf.quuxbar');
-            expect('domainIdn', 'to allow', 'cæntersurf.quuxbar');
+            // Non-IDN domains
+            expect('domainIdn', 'to allow', 'centersurf.net', 'centersurf.net');
+            expect('domainIdn', 'to allow', 'centersurf.quuxbar', 'centersurf.quuxbar');
+
+            // Already non-punycoded IDN domains
+            expect('domainIdn', 'to allow', 'cæntersurf.net', 'cæntersurf.net');
+            expect('domainIdn', 'to allow', 'cæntersurf.quuxbar', 'cæntersurf.quuxbar');
+
+            // Decode punycoded IDN domains
+            expect('domainIdn', 'to allow', 'xn--cntersurf-g3a.net', 'cæntersurf.net');
+            expect('domainIdn', 'to allow', 'xn--cntersurf-g3a.quuxbar', 'cæntersurf.quuxbar');
         });
@@ -113,3 +148,3 @@
             expect('domainIdn', 'not to allow', '\x00centersurf.net');
-
+            expect('domainIdn', 'not to allow', '/!');
         });
@@ -186,3 +221,3 @@ });
                 expect(['integerInRange', lowerBound, upperBound], 'to allow', -100, -100);
-                expect(['integerInRange', lowerBound, upperBound], 'to allow', "-100", -100);
+                expect(['integerInRange', lowerBound, upperBound], 'to allow', '-100', -100);
                 expect(['integerInRange', lowerBound, upperBound], 'to allow', upperBound, upperBound);
@@ -189,0 +224,0 @@ });

New alerts

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

44468

30.23%

Number of package files

10

25%

Lines of code

743

6.91%

Number of lines in readme file

26

52.94%

Worsened metrics

Dependency count

3

50%

Dev dependency count

5

150%

Dependency changes

• + Added

  punycode@=1.3.0