Comparing version 1.0.11 to 1.0.13
{ | ||
"name": "tv4", | ||
"version": "1.0.11", | ||
"version": "1.0.13", | ||
"author": "Geraint Luff", | ||
@@ -5,0 +5,0 @@ "description": "A public domain JSON Schema validator for JavaScript", |
@@ -87,3 +87,3 @@ # Tiny Validator (for v4 JSON Schema) | ||
While they don't occur in proper JSON, JavaScript does support self-referencing objects. Any of the above calls support an optional final argument, checkRecursive. If true, tv4 will handle self-referencing objects properly - this slows down validation slightly, but that's better than a hanging script. | ||
While they don't occur in proper JSON, JavaScript does support self-referencing objects. Any of the above calls support an optional third argument: `checkRecursive`. If true, tv4 will handle self-referencing objects properly - this slows down validation slightly, but that's better than a hanging script. | ||
@@ -102,10 +102,8 @@ Consider this data, notice how both `a` and `b` refer to each other: | ||
If the final checkRecursive argument were missing, this would throw a "too much recursion" error. | ||
If the `checkRecursive` argument were missing, this would throw a "too much recursion" error. | ||
To enable supprot for this pass `true` as additional argument to any of the regular validation methods: | ||
To enable support for this, pass `true` as additional argument to any of the regular validation methods: | ||
```javascript | ||
tv4.validate(a, aSchema, true); | ||
tv4.validate(a, schema, asynchronousFunction, true); | ||
tv4.validateResult(data, aSchema, true); | ||
@@ -115,2 +113,14 @@ tv4.validateMultiple(data, aSchema, true); | ||
## The `banUnknownProperties` flag | ||
Sometimes, it is desirable to flag all unknown properties as an error. This is especially useful during development, to catch typos and the like, even when extra custom-defined properties are allowed. | ||
As such, tv4 implements ["ban unknown properties" mode](https://github.com/json-schema/json-schema/wiki/ban-unknown-properties-mode-\(v5-proposal\)), enabled by a fourth-argument flag: | ||
```javascript | ||
tv4.validate(data, schema, checkRecursive, true); | ||
tv4.validateResult(data, schema, checkRecursive, true); | ||
tv4.validateMultiple(data, schema, checkRecursive, true); | ||
``` | ||
## API | ||
@@ -234,3 +244,3 @@ | ||
Add a custom format validator. | ||
Add a custom format validator. (There are no built-in format validators.) | ||
@@ -237,0 +247,0 @@ * `format` is a string, corresponding to the `"format"` value in schemas. |
76
tv4.js
@@ -135,3 +135,5 @@ /* | ||
this.scannedFrozenSchemas = []; | ||
this.key = 'tv4_validation_id'; | ||
this.scannedFrozenValidationErrors = []; | ||
this.validatedSchemasKey = 'tv4_validation_id'; | ||
this.validationErrorsKey = 'tv4_validation_errors_id'; | ||
} | ||
@@ -243,10 +245,10 @@ if (trackUnknownProperties) { | ||
ValidatorContext.prototype.searchSchemas = function (schema, url) { | ||
if (typeof schema.id === "string") { | ||
if (isTrustedUrl(url, schema.id)) { | ||
if (this.schemas[schema.id] === undefined) { | ||
this.schemas[schema.id] = schema; | ||
if (schema && typeof schema === "object") { | ||
if (typeof schema.id === "string") { | ||
if (isTrustedUrl(url, schema.id)) { | ||
if (this.schemas[schema.id] === undefined) { | ||
this.schemas[schema.id] = schema; | ||
} | ||
} | ||
} | ||
} | ||
if (typeof schema === "object") { | ||
for (var key in schema) { | ||
@@ -335,9 +337,22 @@ if (key !== "enum") { | ||
var startErrorCount = this.errors.length; | ||
var frozenIndex, scannedFrozenSchemaIndex = null, scannedSchemasIndex = null; | ||
if (this.checkRecursive && (typeof data) === 'object') { | ||
topLevel = !this.scanned.length; | ||
if (data[this.key] && data[this.key].indexOf(schema) !== -1) { return null; } | ||
var frozenIndex; | ||
if (data[this.validatedSchemasKey]) { | ||
var schemaIndex = data[this.validatedSchemasKey].indexOf(schema); | ||
if (schemaIndex !== -1) { | ||
this.errors = this.errors.concat(data[this.validationErrorsKey][schemaIndex]); | ||
return null; | ||
} | ||
} | ||
if (Object.isFrozen(data)) { | ||
frozenIndex = this.scannedFrozen.indexOf(data); | ||
if (frozenIndex !== -1 && this.scannedFrozenSchemas[frozenIndex].indexOf(schema) !== -1) { return null; } | ||
if (frozenIndex !== -1) { | ||
var frozenSchemaIndex = this.scannedFrozenSchemas[frozenIndex].indexOf(schema); | ||
if (frozenSchemaIndex !== -1) { | ||
this.errors = this.errors.concat(this.scannedFrozenValidationErrors[frozenIndex][frozenSchemaIndex]); | ||
return null; | ||
} | ||
} | ||
} | ||
@@ -351,16 +366,25 @@ this.scanned.push(data); | ||
} | ||
this.scannedFrozenSchemas[frozenIndex].push(schema); | ||
scannedFrozenSchemaIndex = this.scannedFrozenSchemas[frozenIndex].length; | ||
this.scannedFrozenSchemas[frozenIndex][scannedFrozenSchemaIndex] = schema; | ||
this.scannedFrozenValidationErrors[frozenIndex][scannedFrozenSchemaIndex] = []; | ||
} else { | ||
if (!data[this.key]) { | ||
if (!data[this.validatedSchemasKey]) { | ||
try { | ||
Object.defineProperty(data, this.key, { | ||
Object.defineProperty(data, this.validatedSchemasKey, { | ||
value: [], | ||
configurable: true | ||
}); | ||
Object.defineProperty(data, this.validationErrorsKey, { | ||
value: [], | ||
configurable: true | ||
}); | ||
} catch (e) { | ||
//IE 7/8 workaround | ||
data[this.key] = []; | ||
data[this.validatedSchemasKey] = []; | ||
data[this.validationErrorsKey] = []; | ||
} | ||
} | ||
data[this.key].push(schema); | ||
scannedSchemasIndex = data[this.validatedSchemasKey].length; | ||
data[this.validatedSchemasKey][scannedSchemasIndex] = schema; | ||
data[this.validationErrorsKey][scannedSchemasIndex] = []; | ||
} | ||
@@ -382,3 +406,3 @@ } | ||
var item = this.scanned.pop(); | ||
delete item[this.key]; | ||
delete item[this.validatedSchemasKey]; | ||
} | ||
@@ -399,2 +423,8 @@ this.scannedFrozen = []; | ||
} | ||
if (scannedFrozenSchemaIndex !== null) { | ||
this.scannedFrozenValidationErrors[frozenIndex][scannedFrozenSchemaIndex] = this.errors.slice(startErrorCount); | ||
} else if (scannedSchemasIndex !== null) { | ||
data[this.validationErrorsKey][scannedSchemasIndex] = this.errors.slice(startErrorCount); | ||
} | ||
@@ -1004,9 +1034,9 @@ return this.handleError(error); | ||
function normSchema(schema, baseUri) { | ||
if (baseUri === undefined) { | ||
baseUri = schema.id; | ||
} else if (typeof schema.id === "string") { | ||
baseUri = resolveUrl(baseUri, schema.id); | ||
schema.id = baseUri; | ||
} | ||
if (typeof schema === "object") { | ||
if (schema && typeof schema === "object") { | ||
if (baseUri === undefined) { | ||
baseUri = schema.id; | ||
} else if (typeof schema.id === "string") { | ||
baseUri = resolveUrl(baseUri, schema.id); | ||
schema.id = baseUri; | ||
} | ||
if (Array.isArray(schema)) { | ||
@@ -1013,0 +1043,0 @@ for (var i = 0; i < schema.length; i++) { |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
403
0
0
58669
6
1292