Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
validator.js
Advanced tools
Powerful objects and strings validation in javascript for Node and modern browsers (evergreen browsers).
2.0.4
MIT - See LICENSE.md
bower install validator.js
$ npm install -g validator.js
Then
var Validator = require( 'validator.js' );
<script src="../validator.js"></script>
<script>
console.log(Validator);
</script>
var is = require( 'validator.js' ).Assert;
var validator = require( 'validator.js' ).validator();
validator.validate( 'foo', is.ofLength( { min: 4 } ) );
validator.validate( 'foo', [ is.ofLength( { min: 4 } ), is.email() ] );
will return true
if validation passes, a Violation
's array otherwise.
var is = require( 'validator.js' ).Assert;
var validator = require( 'validator.js' ).validator();
var object = {
name: 'john doe',
email: 'wrong@email',
firstName: null,
phone: null
},
constraint = {
name: [ is.notBlank(), is.ofLength( { min: 4, max: 25 } ) ],
email: is.email(),
firstName: is.notBlank(),
phone: is.notBlank()
};
validator.validate( object, constraint );
will return true
if validation passes, { email: [ Violation ], firstname: [ Violation ] }
in this case.
With same objects than above, just by adding validation groups:
constraint = {
name: [ is.notBlank(), is( 'edit' ).ofLength( { min: 4, max: 25 } ) ],
email: is.email(),
firstname: is( [ 'edit', 'register'] ).notBlank(),
phone: is( 'edit' ).notBlank()
};
validator.validate( object, constraint, 'edit' );
will return true
in this case { firstname: [ Violation ], phone: [ Violation ] }
.
There are two special groups: "Any" and "Default". Validating against "Any"
group will validate
against all Asserts, regardless their groups. Validating against "Default"
group will only
validate against Asserts that do not have a validation group.
validator.bind( object, constraint );
validator.validate( object, groups );
Under the hood, by default, a _validatorjsConstraint
key will be created in object
in order to store here the constraint. You could override this default key name by
passing an option to Validator constructor.
An assert implements Assert Interface, and is an assertion that your string or object
property must pass during validation process. There are several Asserts built in
Validator.js (see below), but you can implement yours for your needs using the
Callback()
assert (see below).
var length = is.ofLength( { min: 10 } );
try {
length.check( 'foo' );
} catch ( violation ) {
}
A Constraint is a set of asserts nodes that would be used to validate an object.
var length = is.ofLength( { min: 10 } );
var notBlank = is.notBlank();
var constraint = validator.constraint( { foo: length, bar: notBlank } );
constraint.check( { foo: 'foo', bar: 'bar' } );
By default, Validator.js checks properties that are defined in the Constraint object
and exists on the validated object unless the constraint is Required
. If you want a
strict validation (ie ensure that every) Constraint node is valid, you'll have to pass
an optional parameter to your Constraint:
var object = {
foo: 'foo',
bar: 'bar'
};
var constraint = validator.constraint( {
foo: is.notBlank(),
bar: is.notBlank(),
baz: is.notBlank()
}, { strict: true });
constraint.check( object );
will return a HaveProperty
Violation, saying that baz
property does not exist
in validated object. Without { strict: true }
this check would return true
.
By default, a Required
constraint fails if the parent property exists in the validated
object and the property doesn't. To force Validator.js to take into account all Required
constraints, no matter the validated object, you have to enable the deepRequired
option:
var object = { };
var constraint = validator.constraint({
foo: {
bar: is.required()
}
}, { deepRequired: true });
constraint.check(object);
will return a HaveProperty
Violation, saying that foo
property does not exist.
This option also works when Collection
is used, but doesn't enforce a non empty array
on the validated object.
blank
)callback
)choice
)choice
)collection
)collection
)count
)count
)email
)equalTo
)equalTo
)greaterThan
)greaterThanOrEqual
)instanceOf
)isString
)length
)haveProperty
)lessThan
)lessThanOrEqual
)equalTo
)equalTo
)notBlank
)notEqualTo
)notNull
)null
)range
)regexp
)required
)unique
)unique
)eql
)eql
)ipv4
)mac
)You can extend validator.js with more asserts should you need them. There are several extra asserts built by the community that seamlessly integrate with this package. See the Extending section for more information.
validator.js
.Collection Assert is quite special yet powerful. It allows you to validate an object's array by checking each one of them against a constraint.
Here is an example of test suite test showing how this assert works:
it( 'Collection', function () {
var itemConstraint = validator.constraint( { foobar: is.notNull(), foobaz: is.notNull() } ),
object = {
foo: null,
items: [
{ foobar: null, foobaz: 'foo', fooqux: null },
{ foobar: 'bar', foobaz: 'baz' },
{ foobar: null, foobaz: null }
]
},
constraint = {
foo: is.notNull(),
items: [ is.collection( itemConstraint ), is.count( 2 ) ]
};
var result = validator.validate( object, constraint );
expect( result ).to.have.key( 'foo' );
expect( result ).to.have.key( 'items' );
expect( result.items[ 0 ] ).to.have.key( '0' );
expect( result.items[ 0 ] ).to.have.key( '2' );
expect( result.items[ 0 ][ 0 ] ).to.have.key( 'foobar' );
expect( result.items[ 0 ][ 0 ] ).not.to.have.key( 'foobaz' );
expect( result.items[ 0 ][ 2 ] ).to.have.key( 'foobar' );
expect( result.items[ 0 ][ 2 ] ).to.have.key( 'foobaz' );
expect( result.items[ 1 ] ).to.be.a( Violation );
expect( result.items[ 1 ].assert ).to.be( 'Count' );
} )
This assert allows you to add the custom rules / assert you want. Just give a callback function that will be called with the value to be tested against. Return true for validation success, everything else if there is an error.
Here is an example from test suite test showing how this assert works:
it( 'Callback', function () {
assert = is.callback( function ( value ) {
var calc = ( 42 / value ) % 2;
return calc ? true : calc;
} );
expect( validate( 3, assert ) ).not.to.be( true );
expect( validate( 3, assert ).show() ).to.eql( { assert: 'Callback', value: 3, violation: { result: 0 } } );
expect( validate( 42, assert ) ).to.be( true );
// improved Callback
assert = is.callback( function ( value, string1, string2 ) {
return value + string1 + string2 === 'foobarbaz';
}, 'bar', 'baz' );
expect( validate( 'foo', assert ) ).to.be( true );
expect( validate( 'bar', assert ) ).to.be( false );
} )
This assert adds conditional asserts to the schema based on another key.
Here is an example showing how this assert works:
it( 'When', function () {
// Using `is` and `otherwise`.
assert = {
foo: is.when( 'bar', {
is: is.ofLength( { min: 4 } ) ],
otherwise: is.Length( { min: 5 } )
} )
};
expect( validator.validate( { foo: 'foo' }, assert ) ).to.be( true );
expect( validator.validate( { foo: 'foo', bar: 'bar' }, assert ) ).to.not.be( true );
expect( validator.validate( { foo: 'foobar', bar: 'bar' }, assert ) ).to.be( true );
expect( validator.validate( { foo: 'foo', bar: 'foobar' }, assert ) ).to.be( true );
// Using `is` and `then`.
assert = {
foo: is.when( 'bar', {
is: is.ofLength( { min: 4 } ),
then: is.ofLength( { min: 5 } )
} )
};
expect( validator.validate( { foo: 'foo' }, assert ) ).to.be( true );
expect( validator.validate( { foo: 'foo', bar: 'bar' }, assert ) ).to.not.be( true );
expect( validator.validate( { foo: 'foo', bar: 'foobar' }, assert ) ).to.not.be( true );
expect( validator.validate( { foo: 'foobar', bar: 'foobar' }, assert ) ).to.be( true );
// Using `is`, `then` and `otherwise`.
assert = {
foo: is.when( 'bar', {
is: is.ofLength( { min: 4 } ),
then: is.ofLength( { min: 5 } ),
otherwise: is.ofLength( { min: 4 } )
} )
};
expect( validator.validate( { foo: 'foo' }, assert ) ).to.be( true );
expect( validator.validate( { foo: 'foo', bar: 'bar' }, assert ) ).to.not.be( true );
expect( validator.validate( { foo: 'foobar', bar: 'bar' }, assert ) ).to.be( true );
expect( validator.validate( { foo: 'foo', bar: 'foobar' }, assert ) ).to.not.be( true );
expect( validator.validate( { foo: 'foobar', bar: 'foobar' }, assert ) ).to.be( true );
} )
Note that Length
assertion works for both String and Array type, so if you want to validate only strings, you should write an additional assertion:
validator.validate( 'foo', [
is.ofLength( { min: 4, max: 100 } ),
is.string()
] );
If you want to extend the library with your own asserts, you can use Assert.extend()
which will return a copy of validator.Assert
plus your custom asserts. This means that the original validator.Assert
is always pristine.
Example:
var Assert = Validator.Assert;
var isExtended = Assert.extend({
integer: Number.isInteger,
NaN: Number.isNaN
});
expect( validate( 10, isExtended.integer() ).to.be( true );
Run on modern browsers (IE10+). Please open an issue or a PR if you find a bug.
On node:
mocha tests/server.js
On browser:
FAQs
Powerful object and string validation in Javascript.
We found that validator.js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.