@arcis/node 1.4.0 → 1.4.3

package/dist/middleware/main.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"main.d.ts","sourceRoot":"","sources":["../../src/middleware/main.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EACV,YAAY,EACZ,aAAa,EACb,oBAAoB,EAIrB,MAAM,eAAe,CAAC;AAQvB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAgB,KAAK,CAAC,OAAO,GAAE,YAAiB,GAAG,oBAAoB,CAuCtE;AAGD,QAAA,MAAM,gBAAgB,EAAY,aAAa,CAAC;AAQhD,OAAO,EAAE,gBAAgB,IAAI,aAAa,EAAE,CAAC;AAC7C,eAAe,gBAAgB,CAAC"}
+{"version":3,"file":"main.d.ts","sourceRoot":"","sources":["../../src/middleware/main.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EACV,YAAY,EACZ,aAAa,EACb,oBAAoB,EAIrB,MAAM,eAAe,CAAC;AAwCvB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAgB,KAAK,CAAC,OAAO,GAAE,YAAiB,GAAG,oBAAoB,CAyDtE;AAGD,QAAA,MAAM,gBAAgB,EAAY,aAAa,CAAC;AAQhD,OAAO,EAAE,gBAAgB,IAAI,aAAa,EAAE,CAAC;AAC7C,eAAe,gBAAgB,CAAC"}

package/dist/middleware/rate-limit.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"rate-limit.d.ts","sourceRoot":"","sources":["../../src/middleware/rate-limit.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,gBAAgB,EAAE,qBAAqB,EAAkB,MAAM,eAAe,CAAC;AAO7F;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,GAAE,gBAAqB,GAAG,qBAAqB,CAiHvF;AAED;;;GAGG;AACH,eAAO,MAAM,SAAS,0BAAoB,CAAC"}
+{"version":3,"file":"rate-limit.d.ts","sourceRoot":"","sources":["../../src/middleware/rate-limit.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,gBAAgB,EAAE,qBAAqB,EAAkB,MAAM,eAAe,CAAC;AAO7F;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,GAAE,gBAAqB,GAAG,qBAAqB,CAuIvF;AAED;;;GAGG;AACH,eAAO,MAAM,SAAS,0BAAoB,CAAC"}

package/dist/middleware/signup-protection.d.ts

@@ -0,0 +1,65 @@
+/**
+ * @module @arcis/node/middleware/signup-protection
+ *
+ * Composite signup-form protection: one middleware that combines email
+ * validation (syntax + disposable), bot detection, and a dedicated
+ * per-IP rate limit. Matches the Arcjet `protectSignup` convenience
+ * primitive but stays fully local — no cloud lookups.
+ *
+ * @example
+ *   app.post('/signup', signupProtection(), handler);
+ *
+ * @example
+ *   app.post('/signup', signupProtection({
+ *     emailField: 'email',
+ *     rateLimit: { max: 5, windowMs: 60_000 },
+ *     blockDisposable: true,
+ *   }), handler);
+ */
+import type { Request, RequestHandler } from 'express';
+import { type BotCategory } from './bot-detection';
+export type SignupBlockReason = 'missing_email' | 'invalid_email' | 'disposable_email' | 'bot' | 'rate_limited';
+export interface SignupCheckResult {
+    allowed: boolean;
+    reason: SignupBlockReason | 'ok';
+    details?: Record<string, unknown>;
+}
+export interface SignupProtectionOptions {
+    /** Request body field holding the email address. Default: 'email' */
+    emailField?: string;
+    /** Run email validation. Default: true */
+    checkEmail?: boolean;
+    /** Reject disposable email domains. Default: true */
+    blockDisposable?: boolean;
+    /** Run bot detection. Default: true */
+    checkBot?: boolean;
+    /** Bot categories allowed through (e.g. test harnesses). Default: [] — all bots blocked */
+    allowedBotCategories?: BotCategory[];
+    /** Per-IP rate limit on signup endpoint. Set to `false` to disable. Default: 5 requests / 60s */
+    rateLimit?: {
+        max?: number;
+        windowMs?: number;
+    } | false;
+    /** Extra email domains to allow (bypasses disposable check) */
+    allowedEmailDomains?: string[];
+    /** Extra email domains to block */
+    blockedEmailDomains?: string[];
+    /** Called when a request is blocked — for telemetry/logging */
+    onBlocked?: (req: Request, result: SignupCheckResult) => void;
+}
+export interface SignupProtectionMiddleware extends RequestHandler {
+    /** Release the rate-limiter cleanup interval */
+    close: () => void;
+}
+/**
+ * Pure signup check — no rate-limit mutation, no response writes.
+ * Useful for framework adapters or custom control flow.
+ */
+export declare function checkSignup(req: Request, options?: SignupProtectionOptions): SignupCheckResult;
+/**
+ * Express middleware: applies bot + email + rate-limit checks to a signup
+ * endpoint. Responds 400/403/429 with a JSON body on block; otherwise
+ * calls `next()`.
+ */
+export declare function signupProtection(options?: SignupProtectionOptions): SignupProtectionMiddleware;
+//# sourceMappingURL=signup-protection.d.ts.map

package/dist/middleware/signup-protection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"signup-protection.d.ts","sourceRoot":"","sources":["../../src/middleware/signup-protection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,KAAK,EAAE,OAAO,EAA0B,cAAc,EAAE,MAAM,SAAS,CAAC;AAE/E,OAAO,EAAa,KAAK,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAG9D,MAAM,MAAM,iBAAiB,GACzB,eAAe,GACf,eAAe,GACf,kBAAkB,GAClB,KAAK,GACL,cAAc,CAAC;AAEnB,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,iBAAiB,GAAG,IAAI,CAAC;IACjC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,uBAAuB;IACtC,qEAAqE;IACrE,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,0CAA0C;IAC1C,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,qDAAqD;IACrD,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,uCAAuC;IACvC,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,2FAA2F;IAC3F,oBAAoB,CAAC,EAAE,WAAW,EAAE,CAAC;IACrC,iGAAiG;IACjG,SAAS,CAAC,EAAE;QAAE,GAAG,CAAC,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,KAAK,CAAC;IACxD,+DAA+D;IAC/D,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,mCAAmC;IACnC,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,+DAA+D;IAC/D,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,iBAAiB,KAAK,IAAI,CAAC;CAC/D;AAED,MAAM,WAAW,0BAA2B,SAAQ,cAAc;IAChE,gDAAgD;IAChD,KAAK,EAAE,MAAM,IAAI,CAAC;CACnB;AAED;;;GAGG;AACH,wBAAgB,WAAW,CACzB,GAAG,EAAE,OAAO,EACZ,OAAO,GAAE,uBAA4B,GACpC,iBAAiB,CAwCnB;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAC9B,OAAO,GAAE,uBAA4B,GACpC,0BAA0B,CAiD5B"}

package/dist/middleware/telemetry.d.ts

@@ -0,0 +1,36 @@
+/**
+ * @module @arcis/node/middleware/telemetry
+ * Bridges Arcis middleware decisions to a TelemetryClient.
+ * Pattern 3 (two-layer): the client owns transport; this layer owns Express plumbing.
+ */
+import type { RequestHandler } from 'express';
+import type { TelemetryClient } from '../telemetry/client';
+import type { TelemetryDecision, TelemetrySeverity } from '../telemetry/types';
+/** Marker that inner middleware writes to and the emitter reads from. */
+export interface ArcisTelemetryMarker {
+    vector?: string;
+    rule?: string;
+    severity?: TelemetrySeverity;
+    matchedPattern?: string;
+    reason?: string;
+    /** Pre-decided decision. If absent, the emitter infers from response status. */
+    decision?: TelemetryDecision;
+}
+declare module 'express-serve-static-core' {
+    interface Request {
+        /** Per-request marker populated by Arcis middlewares for telemetry attribution. */
+        __arcis?: ArcisTelemetryMarker;
+    }
+}
+/**
+ * Express middleware that records a telemetry event for every request.
+ * Captures latency from entry, hooks `res.on('finish')`, and infers the
+ * final decision from response status + any `req.__arcis` marker.
+ */
+export declare function createTelemetryEmitter(client: TelemetryClient): RequestHandler;
+/**
+ * Wraps the sanitizer middleware so SecurityThreatError → req.__arcis marker.
+ * The emitter on `finish` will then have vector/rule/severity attribution.
+ */
+export declare function tapSanitizerThreats(handler: RequestHandler): RequestHandler;
+//# sourceMappingURL=telemetry.d.ts.map

package/dist/middleware/telemetry.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"telemetry.d.ts","sourceRoot":"","sources":["../../src/middleware/telemetry.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAW,cAAc,EAAE,MAAM,SAAS,CAAC;AACvD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,KAAK,EAAkB,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAG/F,yEAAyE;AACzE,MAAM,WAAW,oBAAoB;IACnC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,gFAAgF;IAChF,QAAQ,CAAC,EAAE,iBAAiB,CAAC;CAC9B;AAED,OAAO,QAAQ,2BAA2B,CAAC;IACzC,UAAU,OAAO;QACf,mFAAmF;QACnF,OAAO,CAAC,EAAE,oBAAoB,CAAC;KAChC;CACF;AAcD;;;;GAIG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,eAAe,GAAG,cAAc,CAe9E;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,cAAc,GAAG,cAAc,CAiB3E"}

package/dist/sanitizers/encode.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"encode.d.ts","sourceRoot":"","sources":["../../src/sanitizers/encode.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAaH;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAGnD;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAiBxD;AAED;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAmBjD;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAOlD;AAED;;;;;;GAMG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAkBlD"}
+{"version":3,"file":"encode.d.ts","sourceRoot":"","sources":["../../src/sanitizers/encode.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAaH;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAGnD;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAiBxD;AAED;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAwBjD;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAOlD;AAED;;;;;;GAMG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAkBlD"}

package/dist/sanitizers/index.d.ts

@@ -15,5 +15,6 @@ export { sanitizeJsonpCallback, detectJsonpInjection } from './jsonp';
 export { sanitizeHeaderValue, sanitizeHeaders, detectHeaderInjection } from './headers';
 export { scanPii, detectPii, redactPii, scanObjectPii, redactObjectPii } from './pii';
 export { encodeForHtml, encodeForAttribute, encodeForJs, encodeForUrl, encodeForCss } from './encode';
+export { sanitizeLdapFilter, sanitizeLdapDn, detectLdapInjection } from './ldap';
 export { encodeHtmlEntities, isPlainObject } from './utils';
 //# sourceMappingURL=index.d.ts.map

package/dist/sanitizers/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/sanitizers/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAG7E,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,sBAAsB,EAAE,MAAM,WAAW,CAAC;AAGpE,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAG3F,OAAO,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGnG,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAGlD,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAG/C,OAAO,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,SAAS,CAAC;AAGtE,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AAGxF,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,OAAO,CAAC;AAGtF,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAGtG,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/sanitizers/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAG7E,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,sBAAsB,EAAE,MAAM,WAAW,CAAC;AAGpE,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAG3F,OAAO,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGnG,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAGlD,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAG/C,OAAO,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,SAAS,CAAC;AAGtE,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AAGxF,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,OAAO,CAAC;AAGtF,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAGtG,OAAO,EAAE,kBAAkB,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAGjF,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC"}

package/dist/sanitizers/index.js

@@ -27,13 +27,24 @@ var XSS_PATTERNS = [
   /** URL-encoded script tags */
   /%3Cscript/gi,
   /** SVG with onload */
-  /<svg[^>]*onload/gi
+  /<svg[^>]*onload/gi,
+  /** form tags — phishing/credential harvesting via action= redirection */
+  /<form[\s>]/gi,
+  /** meta tags — http-equiv refresh redirects or CSP bypass */
+  /<meta[\s>]/gi,
+  /** base href hijacking — redirects all relative URLs to attacker domain */
+  /<base[\s>]/gi,
+  /** link tag injection — stylesheet or preload CSRF attacks */
+  /<link[\s>]/gi
 ];
 var XSS_REMOVE_PATTERNS = [
   /** Full script blocks (content + tags) */
   /<script[^>]*>[\s\S]*?<\/script>/gi,
   /** Standalone/unclosed script tags */
   /<script[^>]*>/gi,
+  /** style — CSS expression() and behavior: attacks (IE-era but still relevant) */
+  /<style[^>]*>[\s\S]*?<\/style>/gi,
+  /<style[^>]*/gi,
   /** iframe — full block and partial/unclosed */
   /<iframe[^>]*>[\s\S]*?<\/iframe>/gi,
   /<iframe[^>]*/gi,
@@ -54,7 +65,15 @@ var XSS_REMOVE_PATTERNS = [
   /javascript\s*:/gi,
   /vbscript\s*:/gi,
   /** data: URIs with HTML/script content */
-  /data\s*:\s*text\/html[^>\s]*/gi
+  /data\s*:\s*text\/html[^>\s]*/gi,
+  /** form tag injection — phishing via action= redirection */
+  /<form[\s>][^>]*/gi,
+  /** meta tag injection — http-equiv refresh or CSP bypass */
+  /<meta[\s>][^>]*/gi,
+  /** base href hijacking */
+  /<base[\s>][^>]*/gi,
+  /** link tag injection — stylesheet or preload attacks */
+  /<link[\s>][^>]*/gi
 ];
 var SQL_PATTERNS = [
   /** SQL keywords */
@@ -118,8 +137,8 @@ var COMMAND_PATTERNS = [
   /[;&|`]/g,
   /** Command substitution: $( ... ) — matched as a pair to reduce false positives */
   /\$\(/g,
-  /** URL-encoded newline/carriage-return injection (%0a, %0d) */
-  /%0[ad]/gi
+  /** URL-encoded control characters (%00-%0F): null, tab, vtab, formfeed, LF, CR */
+  /%0[0-9a-f]/gi
 ];
 var DANGEROUS_PROTO_KEYS = /* @__PURE__ */ new Set([
   "__proto__",
@@ -323,26 +342,31 @@ function sanitizePath(input, collectThreats = false) {
   const threats = [];
   let value = input;
   let wasSanitized = false;
-  for (const pattern of PATH_PATTERNS) {
-    pattern.lastIndex = 0;
-    if (pattern.test(value)) {
+  value = value.normalize("NFKC");
+  let prev;
+  do {
+    prev = value;
+    for (const pattern of PATH_PATTERNS) {
       pattern.lastIndex = 0;
-      if (collectThreats) {
-        const matches = value.match(pattern);
-        if (matches) {
-          for (const match of matches) {
-            threats.push({
-              type: "path_traversal",
-              pattern: pattern.source,
-              original: match
-            });
+      if (pattern.test(value)) {
+        pattern.lastIndex = 0;
+        if (collectThreats) {
+          const matches = value.match(pattern);
+          if (matches) {
+            for (const match of matches) {
+              threats.push({
+                type: "path_traversal",
+                pattern: pattern.source,
+                original: match
+              });
+            }
           }
         }
+        value = value.replace(pattern, "");
+        wasSanitized = true;
       }
-      value = value.replace(pattern, "");
-      wasSanitized = true;
     }
-  }
+  } while (value !== prev);
   if (collectThreats) {
     return { value, wasSanitized, threats };
   }
@@ -350,9 +374,10 @@ function sanitizePath(input, collectThreats = false) {
 }
 function detectPathTraversal(input) {
   if (typeof input !== "string") return false;
+  const normalized = input.normalize("NFKC");
   for (const pattern of PATH_PATTERNS) {
     pattern.lastIndex = 0;
-    if (pattern.test(input)) {
+    if (pattern.test(normalized)) {
       return true;
     }
   }
@@ -410,7 +435,7 @@ function sanitizeString(value, options = {}) {
   if (value.length > maxSize) {
     throw new InputTooLargeError(maxSize, value.length);
   }
-  const reject = options.mode !== "sanitize";
+  const reject = options.mode === "reject";
   let result = value;
   if (options.sql !== false) {
     if (reject) {
@@ -565,10 +590,24 @@ var SSTI_DETECT_PATTERNS = [
   /\{\{\s*(?:self|request|lipsum|cycler|joiner|namespace|range)\b/gi
 ];
 var SSTI_REMOVE_PATTERNS = [
+  /** Jinja2 / Twig: {{ ... }} — always strip (not valid in any JS context) */
   /\{\{.*?\}\}/g,
-  /\$\{.*?\}/g,
+  /**
+   * Freemarker / Spring EL: ${...} — strip when expression contains operators,
+   * method calls, or Python dunder patterns (sandbox escape).
+   * Bare ${name} and ${user.name} are left intact (JS template literal syntax).
+   */
+  /\$\{[^}]*__\w+__[^}]*\}/g,
+  /\$\{[^}]*[?!()*+\-/][^}]*\}/g,
+  /** ERB / EJS: <%= ... %> */
   /<%[=\-]?.*?%>/gs,
-  /#\{.*?\}/g,
+  /**
+   * Pug / Jade: #{...} — same narrowing as ${ above, plus dunder detection.
+   * #{name} output expressions are left intact.
+   */
+  /#\{[^}]*__\w+__[^}]*\}/g,
+  /#\{[^}]*[?!()*+\-/][^}]*\}/g,
+  /** Python dunder sandbox escape — always strip */
   /__(?:class|mro|subclasses|globals|builtins|import)__/gi
 ];
 function sanitizeSsti(input, collectThreats = false) {
@@ -615,6 +654,8 @@ function detectSsti(input) {
 }
 
 // src/sanitizers/xxe.ts
+var MAX_XXE_INPUT_BYTES = 1e6;
+var MAX_ENTITY_REFERENCES = 64;
 var XXE_DETECT_PATTERNS = [
   /** DOCTYPE declaration */
   /<!DOCTYPE\b/gi,
@@ -644,6 +685,19 @@ function sanitizeXxe(input, collectThreats = false) {
   const threats = [];
   let value = input;
   let wasSanitized = false;
+  if (value.length > MAX_XXE_INPUT_BYTES) {
+    if (collectThreats) {
+      threats.push({ type: "xxe", pattern: "oversize_input", original: `length=${value.length}` });
+    }
+    return collectThreats ? { value: "", wasSanitized: true, threats } : "";
+  }
+  const entityRefs = value.match(/&\w+;/g);
+  if (entityRefs && entityRefs.length > MAX_ENTITY_REFERENCES) {
+    if (collectThreats) {
+      threats.push({ type: "xxe", pattern: "entity_expansion", original: `count=${entityRefs.length}` });
+    }
+    return collectThreats ? { value: "", wasSanitized: true, threats } : "";
+  }
   for (const pattern of XXE_REMOVE_PATTERNS) {
     pattern.lastIndex = 0;
     if (pattern.test(value)) {
@@ -681,12 +735,10 @@ function detectXxe(input) {
 }
 
 // src/sanitizers/jsonp.ts
-var SAFE_CALLBACK_PATTERN = /^[a-zA-Z_$][a-zA-Z0-9_$.[\]]*$/;
+var SAFE_CALLBACK_PATTERN = /^[a-zA-Z_$][a-zA-Z0-9_$.]*$/;
 var DANGEROUS_CALLBACK_PATTERNS = [
-  /\.\./,
+  /\.\./
   // prototype chain traversal
-  /\[\s*\]/
-  // empty bracket access
 ];
 function sanitizeJsonpCallback(callback, maxLength = 128) {
   if (typeof callback !== "string" || callback.length === 0) {
@@ -771,7 +823,7 @@ function detectHeaderInjection(input) {
 
 // src/sanitizers/pii.ts
 var EMAIL_RE = /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z]{2,})+/g;
-var PHONE_RE = /(?:\+?1[-.\s]?)?\(?[2-9]\d{2}\)?[-.\s]?\d{3}[-.\s]?\d{4}/g;
+var PHONE_RE = /(?<!\d)(?:\+?1[-.\s]?)?\(?[2-9]\d{2}\)?[-.\s]?\d{3}[-.\s]?\d{4}(?!\d)/g;
 var CREDIT_CARD_RE = /\b(?:\d[ -]*?){13,19}\b/g;
 var SSN_RE = /\b\d{3}[-\s]\d{2}[-\s]\d{4}\b/g;
 var IPV4_RE = /\b(?:(?:25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(?:25[0-5]|2[0-4]\d|[01]?\d\d?)\b/g;
@@ -932,16 +984,18 @@ function encodeForAttribute(value) {
 function encodeForJs(value) {
   if (!value) return "";
   let result = "";
-  for (let i = 0; i < value.length; i++) {
-    const ch = value.charCodeAt(i);
-    if (ch >= 48 && ch <= 57 || // 0-9
-    ch >= 65 && ch <= 90 || // A-Z
-    ch >= 97 && ch <= 122) {
-      result += value[i];
-    } else if (ch < 256) {
-      result += `\\x${ch.toString(16).toUpperCase().padStart(2, "0")}`;
+  for (const char of value) {
+    const cp = char.codePointAt(0);
+    if (cp >= 48 && cp <= 57 || // 0-9
+    cp >= 65 && cp <= 90 || // A-Z
+    cp >= 97 && cp <= 122) {
+      result += char;
+    } else if (cp < 256) {
+      result += `\\x${cp.toString(16).toUpperCase().padStart(2, "0")}`;
+    } else if (cp <= 65535) {
+      result += `\\u${cp.toString(16).toUpperCase().padStart(4, "0")}`;
     } else {
-      result += `\\u${ch.toString(16).toUpperCase().padStart(4, "0")}`;
+      result += `\\u{${cp.toString(16).toUpperCase()}}`;
     }
   }
   return result;
@@ -968,10 +1022,30 @@ function encodeForCss(value) {
   return result;
 }
 
+// src/sanitizers/ldap.ts
+var LDAP_FILTER_CHARS = /[*()\\\x00]/g;
+var LDAP_DN_CHARS = /[,+<>;"=\/\\\x00*()\x00]/g;
+var LDAP_DETECT_PATTERN = /[*()\\\x00]/;
+var LDAP_INJECTION_PATTERN = /\)\s*\(|\*\s*\)\s*\(/;
+var escapeChar = (char) => "\\" + char.charCodeAt(0).toString(16).padStart(2, "0");
+function sanitizeLdapFilter(input) {
+  if (typeof input !== "string") return String(input);
+  return input.replace(LDAP_FILTER_CHARS, escapeChar);
+}
+function sanitizeLdapDn(input) {
+  if (typeof input !== "string") return String(input);
+  return input.replace(LDAP_DN_CHARS, escapeChar);
+}
+function detectLdapInjection(input) {
+  if (typeof input !== "string") return false;
+  return LDAP_DETECT_PATTERN.test(input) || LDAP_INJECTION_PATTERN.test(input);
+}
+
 exports.createSanitizer = createSanitizer;
 exports.detectCommandInjection = detectCommandInjection;
 exports.detectHeaderInjection = detectHeaderInjection;
 exports.detectJsonpInjection = detectJsonpInjection;
+exports.detectLdapInjection = detectLdapInjection;
 exports.detectNoSqlInjection = detectNoSqlInjection;
 exports.detectPathTraversal = detectPathTraversal;
 exports.detectPii = detectPii;
@@ -997,6 +1071,8 @@ exports.sanitizeCommand = sanitizeCommand;
 exports.sanitizeHeaderValue = sanitizeHeaderValue;
 exports.sanitizeHeaders = sanitizeHeaders;
 exports.sanitizeJsonpCallback = sanitizeJsonpCallback;
+exports.sanitizeLdapDn = sanitizeLdapDn;
+exports.sanitizeLdapFilter = sanitizeLdapFilter;
 exports.sanitizeObject = sanitizeObject;
 exports.sanitizePath = sanitizePath;
 exports.sanitizeSql = sanitizeSql;