@arcis/node 1.6.1 → 1.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +5 -3
- package/dist/_third_party/rate-limit/abstract.d.ts +36 -0
- package/dist/_third_party/rate-limit/abstract.d.ts.map +1 -0
- package/dist/_third_party/rate-limit/bursty.d.ts +21 -0
- package/dist/_third_party/rate-limit/bursty.d.ts.map +1 -0
- package/dist/_third_party/rate-limit/index.d.ts +12 -0
- package/dist/_third_party/rate-limit/index.d.ts.map +1 -0
- package/dist/_third_party/rate-limit/memory-storage.d.ts +28 -0
- package/dist/_third_party/rate-limit/memory-storage.d.ts.map +1 -0
- package/dist/_third_party/rate-limit/memory.d.ts +23 -0
- package/dist/_third_party/rate-limit/memory.d.ts.map +1 -0
- package/dist/_third_party/rate-limit/record.d.ts +11 -0
- package/dist/_third_party/rate-limit/record.d.ts.map +1 -0
- package/dist/_third_party/rate-limit/types.d.ts +39 -0
- package/dist/_third_party/rate-limit/types.d.ts.map +1 -0
- package/dist/astro/index.js +405 -0
- package/dist/astro/index.js.map +1 -1
- package/dist/astro/index.mjs +405 -0
- package/dist/astro/index.mjs.map +1 -1
- package/dist/bun/index.js +405 -0
- package/dist/bun/index.js.map +1 -1
- package/dist/bun/index.mjs +405 -0
- package/dist/bun/index.mjs.map +1 -1
- package/dist/fastify/index.js +405 -0
- package/dist/fastify/index.js.map +1 -1
- package/dist/fastify/index.mjs +405 -0
- package/dist/fastify/index.mjs.map +1 -1
- package/dist/hono/index.js +405 -0
- package/dist/hono/index.js.map +1 -1
- package/dist/hono/index.mjs +405 -0
- package/dist/hono/index.mjs.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +754 -5
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +754 -6
- package/dist/index.mjs.map +1 -1
- package/dist/koa/index.js +405 -0
- package/dist/koa/index.js.map +1 -1
- package/dist/koa/index.mjs +405 -0
- package/dist/koa/index.mjs.map +1 -1
- package/dist/middleware/brute-force.d.ts +69 -0
- package/dist/middleware/brute-force.d.ts.map +1 -0
- package/dist/middleware/index.js +702 -1
- package/dist/middleware/index.js.map +1 -1
- package/dist/middleware/index.mjs +702 -1
- package/dist/middleware/index.mjs.map +1 -1
- package/dist/middleware/nestjs.d.ts +50 -1
- package/dist/middleware/nestjs.d.ts.map +1 -1
- package/dist/middleware/protect.d.ts +9 -0
- package/dist/middleware/protect.d.ts.map +1 -1
- package/dist/nestjs/index.js +57 -2
- package/dist/nestjs/index.js.map +1 -1
- package/dist/nestjs/index.mjs +57 -3
- package/dist/nestjs/index.mjs.map +1 -1
- package/dist/nextjs/index.js +405 -0
- package/dist/nextjs/index.js.map +1 -1
- package/dist/nextjs/index.mjs +405 -0
- package/dist/nextjs/index.mjs.map +1 -1
- package/dist/nuxt/index.js +405 -0
- package/dist/nuxt/index.js.map +1 -1
- package/dist/nuxt/index.mjs +405 -0
- package/dist/nuxt/index.mjs.map +1 -1
- package/dist/sanitizers/index.js +2 -1
- package/dist/sanitizers/index.js.map +1 -1
- package/dist/sanitizers/index.mjs +2 -1
- package/dist/sanitizers/index.mjs.map +1 -1
- package/dist/sanitizers/ldap.d.ts.map +1 -1
- package/dist/sanitizers/prompt-injection.d.ts +3 -3
- package/dist/sanitizers/prompt-injection.d.ts.map +1 -1
- package/dist/sveltekit/index.js +405 -0
- package/dist/sveltekit/index.js.map +1 -1
- package/dist/sveltekit/index.mjs +405 -0
- package/dist/sveltekit/index.mjs.map +1 -1
- package/package.json +2 -2
package/dist/nestjs/index.mjs
CHANGED
|
@@ -938,9 +938,10 @@ function detectXxe(input) {
|
|
|
938
938
|
// src/sanitizers/ldap.ts
|
|
939
939
|
var LDAP_DETECT_PATTERN = /[*()\\\x00]/;
|
|
940
940
|
var LDAP_INJECTION_PATTERN = /\)\s*\(|\*\s*\)\s*\(/;
|
|
941
|
+
var LDAP_NOT_BYPASS_PATTERN = /\)\s*\(\s*!|&\s*\(\s*!|\|\s*\(\s*!/;
|
|
941
942
|
function detectLdapInjection(input) {
|
|
942
943
|
if (typeof input !== "string") return false;
|
|
943
|
-
return LDAP_DETECT_PATTERN.test(input) || LDAP_INJECTION_PATTERN.test(input);
|
|
944
|
+
return LDAP_DETECT_PATTERN.test(input) || LDAP_INJECTION_PATTERN.test(input) || LDAP_NOT_BYPASS_PATTERN.test(input);
|
|
944
945
|
}
|
|
945
946
|
|
|
946
947
|
// src/sanitizers/xpath.ts
|
|
@@ -1747,6 +1748,54 @@ var ArcisMiddleware = class {
|
|
|
1747
1748
|
this.handlers.close();
|
|
1748
1749
|
}
|
|
1749
1750
|
};
|
|
1751
|
+
var ArcisGuard = class {
|
|
1752
|
+
constructor(options = {}) {
|
|
1753
|
+
this.handlers = arcis(options);
|
|
1754
|
+
}
|
|
1755
|
+
canActivate(context) {
|
|
1756
|
+
const http = context.switchToHttp();
|
|
1757
|
+
const req = http.getRequest();
|
|
1758
|
+
const res = http.getResponse();
|
|
1759
|
+
return new Promise((resolve, reject) => {
|
|
1760
|
+
const handlers = this.handlers;
|
|
1761
|
+
let i = 0;
|
|
1762
|
+
const run = (err) => {
|
|
1763
|
+
if (err !== void 0) {
|
|
1764
|
+
reject(err);
|
|
1765
|
+
return;
|
|
1766
|
+
}
|
|
1767
|
+
if (res.headersSent) {
|
|
1768
|
+
resolve(false);
|
|
1769
|
+
return;
|
|
1770
|
+
}
|
|
1771
|
+
const handler = handlers[i++];
|
|
1772
|
+
if (!handler) {
|
|
1773
|
+
resolve(!res.headersSent);
|
|
1774
|
+
return;
|
|
1775
|
+
}
|
|
1776
|
+
let advanced = false;
|
|
1777
|
+
const wrappedNext = (innerErr) => {
|
|
1778
|
+
advanced = true;
|
|
1779
|
+
run(innerErr);
|
|
1780
|
+
};
|
|
1781
|
+
try {
|
|
1782
|
+
handler(req, res, wrappedNext);
|
|
1783
|
+
} catch (caught) {
|
|
1784
|
+
reject(caught);
|
|
1785
|
+
return;
|
|
1786
|
+
}
|
|
1787
|
+
if (!advanced && res.headersSent) {
|
|
1788
|
+
resolve(false);
|
|
1789
|
+
}
|
|
1790
|
+
};
|
|
1791
|
+
run();
|
|
1792
|
+
});
|
|
1793
|
+
}
|
|
1794
|
+
/** Release rate-limiter intervals etc. Call from `OnApplicationShutdown`. */
|
|
1795
|
+
close() {
|
|
1796
|
+
this.handlers.close();
|
|
1797
|
+
}
|
|
1798
|
+
};
|
|
1750
1799
|
var ArcisModule = class _ArcisModule {
|
|
1751
1800
|
static forRoot(options = {}) {
|
|
1752
1801
|
return {
|
|
@@ -1757,14 +1806,19 @@ var ArcisModule = class _ArcisModule {
|
|
|
1757
1806
|
provide: ArcisMiddleware,
|
|
1758
1807
|
useFactory: (opts) => new ArcisMiddleware(opts),
|
|
1759
1808
|
inject: [ARCIS_OPTIONS]
|
|
1809
|
+
},
|
|
1810
|
+
{
|
|
1811
|
+
provide: ArcisGuard,
|
|
1812
|
+
useFactory: (opts) => new ArcisGuard(opts),
|
|
1813
|
+
inject: [ARCIS_OPTIONS]
|
|
1760
1814
|
}
|
|
1761
1815
|
],
|
|
1762
|
-
exports: [ArcisMiddleware]
|
|
1816
|
+
exports: [ArcisMiddleware, ArcisGuard]
|
|
1763
1817
|
};
|
|
1764
1818
|
}
|
|
1765
1819
|
};
|
|
1766
1820
|
var nestjs_default = ArcisModule;
|
|
1767
1821
|
|
|
1768
|
-
export { ARCIS_OPTIONS, ArcisMiddleware, ArcisModule, nestjs_default as default };
|
|
1822
|
+
export { ARCIS_OPTIONS, ArcisGuard, ArcisMiddleware, ArcisModule, nestjs_default as default };
|
|
1769
1823
|
//# sourceMappingURL=index.mjs.map
|
|
1770
1824
|
//# sourceMappingURL=index.mjs.map
|