@blamejs/core 0.14.1 → 0.14.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/lib/_test/crypto-fixtures.js +3 -3
- package/lib/a2a-tasks.js +18 -18
- package/lib/a2a.js +4 -4
- package/lib/acme.js +3 -3
- package/lib/agent-idempotency.js +1 -1
- package/lib/agent-orchestrator.js +8 -8
- package/lib/agent-posture-chain.js +2 -2
- package/lib/agent-saga.js +1 -1
- package/lib/agent-snapshot.js +1 -1
- package/lib/agent-stream.js +1 -1
- package/lib/agent-tenant.js +1 -1
- package/lib/agent-trace.js +3 -3
- package/lib/ai-capability.js +1 -1
- package/lib/ai-dp.js +4 -4
- package/lib/ai-input.js +3 -3
- package/lib/ai-model-manifest.js +7 -7
- package/lib/ai-pref.js +3 -3
- package/lib/archive-gz.js +2 -2
- package/lib/archive-read.js +25 -25
- package/lib/archive-tar-read.js +2 -2
- package/lib/archive-tar.js +20 -20
- package/lib/archive-wrap.js +10 -10
- package/lib/argon2-builtin.js +1 -1
- package/lib/asn1-der.js +34 -34
- package/lib/atomic-file.js +2 -2
- package/lib/audit-daily-review.js +3 -3
- package/lib/audit-sign.js +5 -5
- package/lib/audit-tools.js +1 -1
- package/lib/audit.js +2 -2
- package/lib/auth/acr-vocabulary.js +2 -2
- package/lib/auth/bot-challenge.js +3 -3
- package/lib/auth/ciba.js +7 -7
- package/lib/auth/dpop.js +3 -3
- package/lib/auth/fido-mds3.js +8 -8
- package/lib/auth/jwt-external.js +5 -5
- package/lib/auth/oauth.js +2 -2
- package/lib/auth/oid4vci.js +9 -9
- package/lib/auth/oid4vp.js +2 -2
- package/lib/auth/openid-federation.js +2 -2
- package/lib/auth/passkey.js +3 -3
- package/lib/auth/saml.js +23 -23
- package/lib/auth/sd-jwt-vc-disclosure.js +1 -1
- package/lib/auth/sd-jwt-vc.js +4 -4
- package/lib/auth/status-list.js +10 -10
- package/lib/auth/step-up.js +1 -1
- package/lib/auth-bot-challenge.js +1 -1
- package/lib/backup/index.js +7 -7
- package/lib/base32.js +8 -8
- package/lib/budr.js +2 -2
- package/lib/cache-status.js +2 -2
- package/lib/calendar.js +23 -23
- package/lib/cbor.js +12 -12
- package/lib/cdn-cache-control.js +1 -1
- package/lib/cert.js +5 -5
- package/lib/cloud-events.js +5 -5
- package/lib/cms-codec.js +21 -21
- package/lib/codepoint-class.js +12 -12
- package/lib/compliance-sanctions-fuzzy.js +4 -4
- package/lib/compliance-sanctions.js +4 -4
- package/lib/compliance.js +29 -29
- package/lib/content-credentials.js +36 -36
- package/lib/cookies.js +1 -1
- package/lib/cose.js +13 -13
- package/lib/cra-report.js +1 -1
- package/lib/crdt.js +1 -1
- package/lib/crypto-field.js +2 -2
- package/lib/crypto-xwing.js +7 -7
- package/lib/crypto.js +6 -6
- package/lib/csp.js +2 -2
- package/lib/cwt.js +4 -4
- package/lib/dark-patterns.js +2 -2
- package/lib/data-act.js +2 -2
- package/lib/db-file-lifecycle.js +4 -4
- package/lib/db-query.js +1 -1
- package/lib/db.js +6 -6
- package/lib/dbsc.js +13 -13
- package/lib/did.js +17 -17
- package/lib/dora.js +4 -4
- package/lib/dsr.js +1 -1
- package/lib/early-hints.js +2 -2
- package/lib/eat.js +4 -4
- package/lib/external-db-migrate.js +1 -1
- package/lib/external-db.js +1 -1
- package/lib/flag-cache.js +1 -1
- package/lib/flag-evaluation-context.js +2 -2
- package/lib/graphql-federation.js +5 -5
- package/lib/guard-agent-registry.js +5 -5
- package/lib/guard-archive.js +24 -24
- package/lib/guard-cidr.js +33 -33
- package/lib/guard-csv.js +1 -1
- package/lib/guard-domain.js +10 -10
- package/lib/guard-dsn.js +4 -4
- package/lib/guard-email.js +19 -19
- package/lib/guard-event-bus-payload.js +4 -4
- package/lib/guard-event-bus-topic.js +6 -6
- package/lib/guard-filename.js +7 -7
- package/lib/guard-graphql.js +9 -9
- package/lib/guard-html-wcag-tagwalk.js +1 -1
- package/lib/guard-html-wcag.js +4 -4
- package/lib/guard-html.js +7 -7
- package/lib/guard-idempotency-key.js +6 -6
- package/lib/guard-image.js +4 -4
- package/lib/guard-imap-command.js +17 -17
- package/lib/guard-jmap.js +20 -20
- package/lib/guard-json.js +12 -12
- package/lib/guard-jsonpath.js +3 -3
- package/lib/guard-jwt.js +4 -4
- package/lib/guard-list-id.js +7 -7
- package/lib/guard-list-unsubscribe.js +8 -8
- package/lib/guard-mail-compose.js +4 -4
- package/lib/guard-mail-move.js +5 -5
- package/lib/guard-mail-query.js +3 -3
- package/lib/guard-mail-reply.js +3 -3
- package/lib/guard-mail-sieve.js +6 -6
- package/lib/guard-managesieve-command.js +25 -25
- package/lib/guard-markdown.js +31 -31
- package/lib/guard-message-id.js +5 -5
- package/lib/guard-mime.js +1 -1
- package/lib/guard-oauth.js +3 -3
- package/lib/guard-pdf.js +6 -6
- package/lib/guard-pop3-command.js +11 -11
- package/lib/guard-posture-chain.js +5 -5
- package/lib/guard-regex.js +10 -10
- package/lib/guard-saga-config.js +5 -5
- package/lib/guard-smtp-command.js +6 -6
- package/lib/guard-snapshot-envelope.js +3 -3
- package/lib/guard-stream-args.js +4 -4
- package/lib/guard-svg.js +11 -11
- package/lib/guard-tenant-id.js +5 -5
- package/lib/guard-time.js +15 -15
- package/lib/guard-trace-context.js +4 -4
- package/lib/guard-uuid.js +11 -11
- package/lib/guard-xml.js +12 -12
- package/lib/guard-yaml.js +16 -16
- package/lib/honeytoken.js +5 -5
- package/lib/http-client.js +1 -1
- package/lib/http-message-signature.js +2 -2
- package/lib/iab-mspa.js +3 -3
- package/lib/iab-tcf.js +70 -70
- package/lib/inbox.js +4 -4
- package/lib/ip-utils.js +15 -15
- package/lib/jose-jwe-experimental.js +2 -2
- package/lib/json-path.js +3 -3
- package/lib/json-schema.js +1 -1
- package/lib/jsonapi.js +3 -3
- package/lib/jtd.js +2 -2
- package/lib/link-header.js +1 -1
- package/lib/local-db-thin.js +1 -1
- package/lib/log.js +1 -1
- package/lib/lro.js +4 -4
- package/lib/mail-agent.js +1 -1
- package/lib/mail-arc-sign.js +6 -6
- package/lib/mail-auth.js +43 -43
- package/lib/mail-bimi.js +3 -3
- package/lib/mail-crypto-pgp.js +31 -31
- package/lib/mail-crypto-smime.js +5 -5
- package/lib/mail-dav.js +1 -1
- package/lib/mail-deploy.js +39 -39
- package/lib/mail-dkim.js +11 -11
- package/lib/mail-greylist.js +12 -12
- package/lib/mail-helo.js +1 -1
- package/lib/mail-journal.js +8 -8
- package/lib/mail-rbl.js +7 -7
- package/lib/mail-scan.js +7 -7
- package/lib/mail-send-deliver.js +2 -2
- package/lib/mail-server-imap.js +12 -12
- package/lib/mail-server-jmap.js +16 -16
- package/lib/mail-server-managesieve.js +4 -4
- package/lib/mail-server-mx.js +17 -17
- package/lib/mail-server-pop3.js +4 -4
- package/lib/mail-server-rate-limit.js +2 -2
- package/lib/mail-server-submission.js +21 -21
- package/lib/mail-sieve.js +2 -2
- package/lib/mail-spam-score.js +5 -5
- package/lib/mail-srs.js +12 -12
- package/lib/mail-store-fts.js +2 -2
- package/lib/mail-store.js +8 -8
- package/lib/mail-unsubscribe.js +4 -4
- package/lib/mail.js +4 -4
- package/lib/mcp-tool-registry.js +4 -4
- package/lib/mcp.js +9 -9
- package/lib/mdoc.js +2 -2
- package/lib/metrics.js +8 -8
- package/lib/middleware/age-gate.js +1 -1
- package/lib/middleware/api-encrypt.js +7 -7
- package/lib/middleware/assetlinks.js +2 -2
- package/lib/middleware/asyncapi-serve.js +2 -2
- package/lib/middleware/bearer-auth.js +5 -5
- package/lib/middleware/body-parser.js +5 -5
- package/lib/middleware/compose-pipeline.js +15 -15
- package/lib/middleware/csp-report.js +4 -4
- package/lib/middleware/daily-byte-quota.js +1 -1
- package/lib/middleware/dpop.js +1 -1
- package/lib/middleware/headers.js +2 -2
- package/lib/middleware/host-allowlist.js +1 -1
- package/lib/middleware/idempotency-key.js +12 -12
- package/lib/middleware/nel.js +1 -1
- package/lib/middleware/openapi-serve.js +2 -2
- package/lib/middleware/protected-resource-metadata.js +2 -2
- package/lib/middleware/require-aal.js +1 -1
- package/lib/middleware/require-bound-key.js +2 -2
- package/lib/middleware/require-content-type.js +1 -1
- package/lib/middleware/require-methods.js +1 -1
- package/lib/middleware/require-step-up.js +2 -2
- package/lib/middleware/scim-server.js +1 -1
- package/lib/middleware/security-txt.js +3 -3
- package/lib/middleware/tus-upload.js +12 -12
- package/lib/middleware/web-app-manifest.js +2 -2
- package/lib/network-byte-quota.js +1 -1
- package/lib/network-dns-resolver.js +23 -23
- package/lib/network-dns.js +29 -29
- package/lib/network-dnssec.js +33 -33
- package/lib/network-smtp-policy.js +10 -10
- package/lib/network-tls.js +87 -87
- package/lib/network-tsig.js +33 -33
- package/lib/nis2-report.js +1 -1
- package/lib/ntp-check.js +3 -3
- package/lib/observability-otlp-exporter.js +17 -17
- package/lib/observability-tracer.js +6 -6
- package/lib/observability.js +8 -8
- package/lib/openapi-yaml.js +1 -1
- package/lib/openapi.js +1 -1
- package/lib/outbox.js +6 -6
- package/lib/pqc-agent.js +4 -4
- package/lib/pqc-software.js +1 -1
- package/lib/privacy-pass.js +5 -5
- package/lib/problem-details.js +5 -5
- package/lib/promise-pool.js +1 -1
- package/lib/protobuf-encoder.js +1 -1
- package/lib/redact.js +2 -2
- package/lib/request-helpers.js +1 -1
- package/lib/router.js +10 -10
- package/lib/safe-async.js +2 -2
- package/lib/safe-dns.js +71 -71
- package/lib/safe-ical.js +19 -19
- package/lib/safe-icap.js +24 -24
- package/lib/safe-jsonpath.js +2 -2
- package/lib/safe-mime.js +10 -10
- package/lib/safe-mount-info.js +3 -3
- package/lib/safe-redirect.js +1 -1
- package/lib/safe-sieve.js +23 -23
- package/lib/safe-smtp.js +1 -1
- package/lib/safe-vcard.js +14 -14
- package/lib/sandbox.js +5 -5
- package/lib/sec-cyber.js +1 -1
- package/lib/self-update-standalone-verifier.js +3 -3
- package/lib/self-update.js +3 -3
- package/lib/server-timing.js +3 -3
- package/lib/session-device-binding.js +7 -7
- package/lib/session.js +8 -8
- package/lib/standard-webhooks.js +4 -4
- package/lib/storage.js +2 -2
- package/lib/stream-throttle.js +1 -1
- package/lib/structured-fields.js +15 -15
- package/lib/subject.js +1 -1
- package/lib/tcpa-10dlc.js +1 -1
- package/lib/tenant-quota.js +3 -3
- package/lib/test-harness.js +1 -1
- package/lib/tracing.js +1 -1
- package/lib/tsa.js +5 -5
- package/lib/uri-template.js +5 -5
- package/lib/vault/index.js +2 -2
- package/lib/vault/seal-pem-file.js +4 -4
- package/lib/vc.js +2 -2
- package/lib/vendor-data.js +1 -1
- package/lib/watcher.js +4 -4
- package/lib/web-push-vapid.js +21 -21
- package/lib/webhook.js +2 -2
- package/lib/websocket.js +3 -3
- package/lib/worker-pool.js +3 -3
- package/lib/ws-client.js +24 -24
- package/lib/xml-c14n.js +2 -2
- package/package.json +1 -1
- package/sbom.cdx.json +6 -6
|
@@ -89,31 +89,31 @@ var DEFAULT_PROFILE = "strict";
|
|
|
89
89
|
|
|
90
90
|
var PROFILES = Object.freeze({
|
|
91
91
|
strict: {
|
|
92
|
-
maxLineBytes: 8192, //
|
|
93
|
-
maxLiteralBytes: 67108864, //
|
|
94
|
-
maxMailboxBytes: 1024, //
|
|
95
|
-
maxSequenceSetItems: 10000, //
|
|
96
|
-
maxSearchDepth: 32, //
|
|
92
|
+
maxLineBytes: 8192, // 8 KiB command-line cap
|
|
93
|
+
maxLiteralBytes: 67108864, // 64 MiB per-literal cap
|
|
94
|
+
maxMailboxBytes: 1024, // RFC 9051 §5.1 mailbox cap
|
|
95
|
+
maxSequenceSetItems: 10000, // FETCH/STORE sequence-set element cap
|
|
96
|
+
maxSearchDepth: 32, // SEARCH AND/OR/NOT nesting cap
|
|
97
97
|
allowBareLf: false,
|
|
98
98
|
allowLiteralPlus: false, // LITERAL+ (RFC 7888) only post-AUTH; the listener flips this
|
|
99
99
|
allowLegacyMUtf7: false, // RFC 3501 §5.1.3 modified-UTF7 mailbox names — legacy MUA escape hatch
|
|
100
100
|
},
|
|
101
101
|
balanced: {
|
|
102
|
-
maxLineBytes: 16384, //
|
|
103
|
-
maxLiteralBytes: 134217728, //
|
|
104
|
-
maxMailboxBytes: 2048, //
|
|
105
|
-
maxSequenceSetItems: 50000, //
|
|
106
|
-
maxSearchDepth: 48, //
|
|
102
|
+
maxLineBytes: 16384, // 16 KiB command-line cap
|
|
103
|
+
maxLiteralBytes: 134217728, // 128 MiB per-literal cap
|
|
104
|
+
maxMailboxBytes: 2048, // balanced mailbox cap
|
|
105
|
+
maxSequenceSetItems: 50000, // balanced sequence-set cap
|
|
106
|
+
maxSearchDepth: 48, // balanced SEARCH-depth cap
|
|
107
107
|
allowBareLf: false,
|
|
108
108
|
allowLiteralPlus: true,
|
|
109
109
|
allowLegacyMUtf7: true,
|
|
110
110
|
},
|
|
111
111
|
permissive: {
|
|
112
|
-
maxLineBytes: 65536, //
|
|
113
|
-
maxLiteralBytes: 268435456, //
|
|
114
|
-
maxMailboxBytes: 4096, //
|
|
115
|
-
maxSequenceSetItems: 100000, //
|
|
116
|
-
maxSearchDepth: 64, //
|
|
112
|
+
maxLineBytes: 65536, // 64 KiB command-line cap (legacy peers)
|
|
113
|
+
maxLiteralBytes: 268435456, // 256 MiB per-literal cap
|
|
114
|
+
maxMailboxBytes: 4096, // permissive mailbox cap
|
|
115
|
+
maxSequenceSetItems: 100000, // permissive sequence-set cap
|
|
116
|
+
maxSearchDepth: 64, // permissive SEARCH-depth cap
|
|
117
117
|
allowBareLf: true,
|
|
118
118
|
allowLiteralPlus: true,
|
|
119
119
|
allowLegacyMUtf7: true,
|
|
@@ -224,10 +224,10 @@ function validate(line, opts) {
|
|
|
224
224
|
// shape.
|
|
225
225
|
for (var i = 0; i < line.length; i += 1) {
|
|
226
226
|
var c = line.charCodeAt(i);
|
|
227
|
-
if (c === 0x00 || c === 0x7F || (c < 0x20 && c !== 0x09)) { //
|
|
227
|
+
if (c === 0x00 || c === 0x7F || (c < 0x20 && c !== 0x09)) { // control-byte refusal
|
|
228
228
|
if (c === 0x0A && caps.allowBareLf) continue;
|
|
229
229
|
throw new GuardImapCommandError("guard-imap-command/bad-byte",
|
|
230
|
-
"guardImapCommand.validate: control byte 0x" + c.toString(16) + " at offset " + i); //
|
|
230
|
+
"guardImapCommand.validate: control byte 0x" + c.toString(16) + " at offset " + i); // hex format literal in error message
|
|
231
231
|
}
|
|
232
232
|
}
|
|
233
233
|
|
package/lib/guard-jmap.js
CHANGED
|
@@ -66,28 +66,28 @@ var DEFAULT_PROFILE = "strict";
|
|
|
66
66
|
|
|
67
67
|
var PROFILES = Object.freeze({
|
|
68
68
|
strict: {
|
|
69
|
-
maxCallsInRequest: 32, //
|
|
70
|
-
maxObjectsInGet: 500, //
|
|
71
|
-
maxObjectsInSet: 500, //
|
|
72
|
-
maxSizeRequest: 10485760, //
|
|
69
|
+
maxCallsInRequest: 32, // RFC 8620 §3.6 default
|
|
70
|
+
maxObjectsInGet: 500, // RFC 8620 §3.6 default
|
|
71
|
+
maxObjectsInSet: 500, // RFC 8620 §3.6 default
|
|
72
|
+
maxSizeRequest: 10485760, // 10 MiB request body cap
|
|
73
73
|
maxBackRefDepth: 8,
|
|
74
|
-
maxUsingCapabilities: 32, //
|
|
74
|
+
maxUsingCapabilities: 32, // `using` array length cap
|
|
75
75
|
},
|
|
76
76
|
balanced: {
|
|
77
|
-
maxCallsInRequest: 128, //
|
|
78
|
-
maxObjectsInGet: 1000, //
|
|
79
|
-
maxObjectsInSet: 1000, //
|
|
80
|
-
maxSizeRequest: 52428800, //
|
|
81
|
-
maxBackRefDepth: 16, //
|
|
82
|
-
maxUsingCapabilities: 64, //
|
|
77
|
+
maxCallsInRequest: 128, // balanced call cap
|
|
78
|
+
maxObjectsInGet: 1000, // balanced object cap
|
|
79
|
+
maxObjectsInSet: 1000, // balanced object cap
|
|
80
|
+
maxSizeRequest: 52428800, // 50 MiB balanced
|
|
81
|
+
maxBackRefDepth: 16, // balanced depth
|
|
82
|
+
maxUsingCapabilities: 64, // balanced using cap
|
|
83
83
|
},
|
|
84
84
|
permissive: {
|
|
85
|
-
maxCallsInRequest: 512, //
|
|
86
|
-
maxObjectsInGet: 5000, //
|
|
87
|
-
maxObjectsInSet: 5000, //
|
|
88
|
-
maxSizeRequest: 104857600, //
|
|
89
|
-
maxBackRefDepth: 32, //
|
|
90
|
-
maxUsingCapabilities: 128, //
|
|
85
|
+
maxCallsInRequest: 512, // permissive call cap
|
|
86
|
+
maxObjectsInGet: 5000, // permissive object cap
|
|
87
|
+
maxObjectsInSet: 5000, // permissive object cap
|
|
88
|
+
maxSizeRequest: 104857600, // 100 MiB permissive
|
|
89
|
+
maxBackRefDepth: 32, // permissive depth
|
|
90
|
+
maxUsingCapabilities: 128, // permissive using cap
|
|
91
91
|
},
|
|
92
92
|
});
|
|
93
93
|
|
|
@@ -239,7 +239,7 @@ function validate(rawBody, opts) {
|
|
|
239
239
|
throw new GuardJmapError("urn:ietf:params:jmap:error:invalidArguments",
|
|
240
240
|
"guardJmap.validate: methodCalls[" + ci + "][2] (clientId) must be a string");
|
|
241
241
|
}
|
|
242
|
-
if (call[2].length === 0 || call[2].length > 256) { //
|
|
242
|
+
if (call[2].length === 0 || call[2].length > 256) { // clientId length cap
|
|
243
243
|
throw new GuardJmapError("urn:ietf:params:jmap:error:invalidArguments",
|
|
244
244
|
"guardJmap.validate: methodCalls[" + ci + "][2] (clientId) length must be 1..256");
|
|
245
245
|
}
|
|
@@ -283,11 +283,11 @@ function _countBackRefs(node, depth, maxDepth) {
|
|
|
283
283
|
return maxA;
|
|
284
284
|
}
|
|
285
285
|
var keys = Object.keys(node);
|
|
286
|
-
if (keys.length > 1000) return -1; //
|
|
286
|
+
if (keys.length > 1000) return -1; // per-object key cap
|
|
287
287
|
var maxO = depth;
|
|
288
288
|
for (var k = 0; k < keys.length; k += 1) {
|
|
289
289
|
var key = keys[k];
|
|
290
|
-
var inc = (key === "resultOf" || key.charCodeAt(0) === 0x23) ? 1 : 0; //
|
|
290
|
+
var inc = (key === "resultOf" || key.charCodeAt(0) === 0x23) ? 1 : 0; // `#` (0x23) is the JMAP back-ref prefix
|
|
291
291
|
var d2 = _countBackRefs(node[key], depth + inc, maxDepth);
|
|
292
292
|
if (d2 === -1) return -1;
|
|
293
293
|
if (d2 > maxO) maxO = d2;
|
package/lib/guard-json.js
CHANGED
|
@@ -140,11 +140,11 @@ var PROFILES = Object.freeze({
|
|
|
140
140
|
requireTopLevelKeyAllowlist: false, // operator opts in via topLevelKeyAllowlist
|
|
141
141
|
topLevelKeyAllowlist: null,
|
|
142
142
|
maxBytes: C.BYTES.mib(2),
|
|
143
|
-
maxDepth: 8, //
|
|
144
|
-
maxKeysPerObject: 256, //
|
|
145
|
-
maxArrayLength: 1024, //
|
|
143
|
+
maxDepth: 8, // recursion depth, not byte size
|
|
144
|
+
maxKeysPerObject: 256, // key count cap, not byte size
|
|
145
|
+
maxArrayLength: 1024, // array length cap, not byte size
|
|
146
146
|
maxStringLength: C.BYTES.kib(8),
|
|
147
|
-
maxTotalNodes: 0x2000, //
|
|
147
|
+
maxTotalNodes: 0x2000, // node count cap, not byte size
|
|
148
148
|
},
|
|
149
149
|
"balanced": {
|
|
150
150
|
pollutionPolicy: "strip", // remove __proto__ keys silently
|
|
@@ -162,11 +162,11 @@ var PROFILES = Object.freeze({
|
|
|
162
162
|
requireTopLevelKeyAllowlist: false,
|
|
163
163
|
topLevelKeyAllowlist: null,
|
|
164
164
|
maxBytes: C.BYTES.mib(8),
|
|
165
|
-
maxDepth: 32, //
|
|
166
|
-
maxKeysPerObject: 4096, //
|
|
167
|
-
maxArrayLength: 65536, //
|
|
165
|
+
maxDepth: 32, // recursion depth, not byte size
|
|
166
|
+
maxKeysPerObject: 4096, // key count cap, not byte size
|
|
167
|
+
maxArrayLength: 65536, // array length cap, not byte size
|
|
168
168
|
maxStringLength: C.BYTES.kib(64),
|
|
169
|
-
maxTotalNodes: 0x10000, //
|
|
169
|
+
maxTotalNodes: 0x10000, // node count cap, not byte size
|
|
170
170
|
},
|
|
171
171
|
"permissive": {
|
|
172
172
|
pollutionPolicy: "audit",
|
|
@@ -184,11 +184,11 @@ var PROFILES = Object.freeze({
|
|
|
184
184
|
requireTopLevelKeyAllowlist: false,
|
|
185
185
|
topLevelKeyAllowlist: null,
|
|
186
186
|
maxBytes: C.BYTES.mib(64),
|
|
187
|
-
maxDepth: 64, //
|
|
188
|
-
maxKeysPerObject: 65536, //
|
|
189
|
-
maxArrayLength: 1048576, //
|
|
187
|
+
maxDepth: 64, // recursion depth, not byte size
|
|
188
|
+
maxKeysPerObject: 65536, // key count cap, not byte size
|
|
189
|
+
maxArrayLength: 1048576, // array length cap, not byte size
|
|
190
190
|
maxStringLength: C.BYTES.kib(256),
|
|
191
|
-
maxTotalNodes: 0x40000, //
|
|
191
|
+
maxTotalNodes: 0x40000, // node count cap, not byte size
|
|
192
192
|
},
|
|
193
193
|
});
|
|
194
194
|
|
package/lib/guard-jsonpath.js
CHANGED
|
@@ -90,7 +90,7 @@ var PROFILES = Object.freeze({
|
|
|
90
90
|
dynamicHintPolicy: "reject",
|
|
91
91
|
bracketNestingPolicy: "reject",
|
|
92
92
|
recursiveDescentPolicy: "reject",
|
|
93
|
-
maxRecursiveDescents: 2, //
|
|
93
|
+
maxRecursiveDescents: 2, // recursion depth ceiling
|
|
94
94
|
maxPatternBytes: C.BYTES.kib(1),
|
|
95
95
|
maxBytes: C.BYTES.kib(1),
|
|
96
96
|
maxRuntimeMs: C.TIME.seconds(2),
|
|
@@ -105,7 +105,7 @@ var PROFILES = Object.freeze({
|
|
|
105
105
|
dynamicHintPolicy: "reject", // RCE class — refused at every profile
|
|
106
106
|
bracketNestingPolicy: "audit",
|
|
107
107
|
recursiveDescentPolicy: "audit",
|
|
108
|
-
maxRecursiveDescents: 4, //
|
|
108
|
+
maxRecursiveDescents: 4, // recursion depth ceiling
|
|
109
109
|
maxPatternBytes: C.BYTES.kib(2),
|
|
110
110
|
maxBytes: C.BYTES.kib(2),
|
|
111
111
|
maxRuntimeMs: C.TIME.seconds(2),
|
|
@@ -120,7 +120,7 @@ var PROFILES = Object.freeze({
|
|
|
120
120
|
dynamicHintPolicy: "reject", // RCE class refused at every profile
|
|
121
121
|
bracketNestingPolicy: "audit",
|
|
122
122
|
recursiveDescentPolicy: "allow",
|
|
123
|
-
maxRecursiveDescents: 16, //
|
|
123
|
+
maxRecursiveDescents: 16, // recursion depth ceiling
|
|
124
124
|
maxPatternBytes: C.BYTES.kib(8),
|
|
125
125
|
maxBytes: C.BYTES.kib(8),
|
|
126
126
|
maxRuntimeMs: C.TIME.seconds(2),
|
package/lib/guard-jwt.js
CHANGED
|
@@ -368,7 +368,7 @@ function _detectIssues(input, opts) {
|
|
|
368
368
|
// Payload claim sanity (only if payload is decodable).
|
|
369
369
|
var payload = _b64urlDecodeJson(payloadSeg);
|
|
370
370
|
if (payload && typeof payload === "object") {
|
|
371
|
-
var nowSec = Math.floor(Date.now() / 1000); //
|
|
371
|
+
var nowSec = Math.floor(Date.now() / 1000); // seconds-per-millisecond conversion
|
|
372
372
|
|
|
373
373
|
// exp in the past.
|
|
374
374
|
if (typeof payload.exp === "number" &&
|
|
@@ -387,7 +387,7 @@ function _detectIssues(input, opts) {
|
|
|
387
387
|
// nbf far-future.
|
|
388
388
|
if (typeof payload.nbf === "number" &&
|
|
389
389
|
opts.nbfSanityPolicy !== "allow") {
|
|
390
|
-
var nbfSlackSec = Math.floor(opts.nbfFutureSlackMs / 1000); //
|
|
390
|
+
var nbfSlackSec = Math.floor(opts.nbfFutureSlackMs / 1000); // seconds-per-millisecond conversion
|
|
391
391
|
if (payload.nbf > nowSec + nbfSlackSec) {
|
|
392
392
|
issues.push({
|
|
393
393
|
kind: "nbf-far-future",
|
|
@@ -402,7 +402,7 @@ function _detectIssues(input, opts) {
|
|
|
402
402
|
// iat far-future.
|
|
403
403
|
if (typeof payload.iat === "number" &&
|
|
404
404
|
opts.iatSanityPolicy !== "allow") {
|
|
405
|
-
var iatSlackSec = Math.floor(opts.iatFutureSlackMs / 1000); //
|
|
405
|
+
var iatSlackSec = Math.floor(opts.iatFutureSlackMs / 1000); // seconds-per-millisecond conversion
|
|
406
406
|
if (payload.iat > nowSec + iatSlackSec) {
|
|
407
407
|
issues.push({
|
|
408
408
|
kind: "iat-far-future",
|
|
@@ -727,7 +727,7 @@ function kidSafe(kid) {
|
|
|
727
727
|
}
|
|
728
728
|
for (var i = 0; i < kid.length; i += 1) {
|
|
729
729
|
var cc = kid.charCodeAt(i);
|
|
730
|
-
if (cc < 0x20 || cc === 0x7F) { //
|
|
730
|
+
if (cc < 0x20 || cc === 0x7F) { // control-byte boundary check
|
|
731
731
|
throw _err("jwt.kid-control",
|
|
732
732
|
"kid contains control byte at index " + i);
|
|
733
733
|
}
|
package/lib/guard-list-id.js
CHANGED
|
@@ -80,22 +80,22 @@ var DEFAULT_PROFILE = "strict";
|
|
|
80
80
|
|
|
81
81
|
var PROFILES = Object.freeze({
|
|
82
82
|
strict: {
|
|
83
|
-
maxBytes: 998, //
|
|
84
|
-
maxListIdBytes: 255, //
|
|
83
|
+
maxBytes: 998, // RFC 5322 §2.1.1 line cap
|
|
84
|
+
maxListIdBytes: 255, // RFC 2919 §3 cap
|
|
85
85
|
requireFqdn: true,
|
|
86
86
|
requireRandomForLocalhost: true,
|
|
87
87
|
allowPhrase: true,
|
|
88
88
|
},
|
|
89
89
|
balanced: {
|
|
90
|
-
maxBytes: 998, //
|
|
91
|
-
maxListIdBytes: 255, //
|
|
90
|
+
maxBytes: 998, // RFC 5322 §2.1.1 line cap
|
|
91
|
+
maxListIdBytes: 255, // RFC 2919 §3 cap
|
|
92
92
|
requireFqdn: true,
|
|
93
93
|
requireRandomForLocalhost: false,
|
|
94
94
|
allowPhrase: true,
|
|
95
95
|
},
|
|
96
96
|
permissive: {
|
|
97
97
|
maxBytes: C.BYTES.kib(4),
|
|
98
|
-
maxListIdBytes: 512, //
|
|
98
|
+
maxListIdBytes: 512, // permissive max
|
|
99
99
|
requireFqdn: false,
|
|
100
100
|
requireRandomForLocalhost: false,
|
|
101
101
|
allowPhrase: true,
|
|
@@ -238,7 +238,7 @@ function validate(headerValue, opts) {
|
|
|
238
238
|
// grammar). No trailing-dot bypass surface here.
|
|
239
239
|
var isLocalScopeTld = lastLabel === "localhost" || lastLabel === "local" || lastLabel === "lan"; // allow:hostname-compare-trailing-dot — see comment above; List-Id parts already split on `.` so trailing-dot label is empty and refused upstream
|
|
240
240
|
if (caps.requireFqdn) {
|
|
241
|
-
if (parts.length < 3 && !isLocalScopeTld) { //
|
|
241
|
+
if (parts.length < 3 && !isLocalScopeTld) { // FQDN requires ≥ 3 labels for non-local-scope namespace
|
|
242
242
|
return _refuse("list-id has < 3 labels for non-local-scope namespace (FQDN required under '" +
|
|
243
243
|
(opts.profile || DEFAULT_PROFILE) + "')");
|
|
244
244
|
}
|
|
@@ -280,7 +280,7 @@ function compliancePosture(posture) {
|
|
|
280
280
|
function _hasControlChar(s) {
|
|
281
281
|
for (var i = 0; i < s.length; i += 1) {
|
|
282
282
|
var c = s.charCodeAt(i);
|
|
283
|
-
if (c === 0x00 || c === 0x7f || (c < 0x20 && c !== 0x09)) { //
|
|
283
|
+
if (c === 0x00 || c === 0x7f || (c < 0x20 && c !== 0x09)) { // RFC 5322 control + TAB allow
|
|
284
284
|
return true;
|
|
285
285
|
}
|
|
286
286
|
}
|
|
@@ -87,24 +87,24 @@ var DEFAULT_PROFILE = "strict";
|
|
|
87
87
|
var PROFILES = Object.freeze({
|
|
88
88
|
strict: {
|
|
89
89
|
maxBytes: C.BYTES.kib(4),
|
|
90
|
-
maxUris: 4, //
|
|
91
|
-
maxUriBytes: 2048, //
|
|
90
|
+
maxUris: 4, // URI-count cap
|
|
91
|
+
maxUriBytes: 2048, // per-URI byte cap
|
|
92
92
|
requireHttpsUri: true,
|
|
93
93
|
requirePostHeader: true,
|
|
94
94
|
refuseHttp: true,
|
|
95
95
|
},
|
|
96
96
|
balanced: {
|
|
97
97
|
maxBytes: C.BYTES.kib(4),
|
|
98
|
-
maxUris: 8, //
|
|
99
|
-
maxUriBytes: 2048, //
|
|
98
|
+
maxUris: 8, // URI-count cap
|
|
99
|
+
maxUriBytes: 2048, // per-URI byte cap
|
|
100
100
|
requireHttpsUri: false,
|
|
101
101
|
requirePostHeader: false,
|
|
102
102
|
refuseHttp: true,
|
|
103
103
|
},
|
|
104
104
|
permissive: {
|
|
105
105
|
maxBytes: C.BYTES.kib(8),
|
|
106
|
-
maxUris: 16, //
|
|
107
|
-
maxUriBytes: 4096, //
|
|
106
|
+
maxUris: 16, // URI-count cap
|
|
107
|
+
maxUriBytes: 4096, // per-URI byte cap
|
|
108
108
|
requireHttpsUri: false,
|
|
109
109
|
requirePostHeader: false,
|
|
110
110
|
refuseHttp: false,
|
|
@@ -363,7 +363,7 @@ function _extractUris(raw, maxUris) {
|
|
|
363
363
|
function _hasControlChar(s) {
|
|
364
364
|
for (var i = 0; i < s.length; i += 1) {
|
|
365
365
|
var c = s.charCodeAt(i);
|
|
366
|
-
if (c === 0x00 || c === 0x7f || (c < 0x20 && c !== 0x09)) { //
|
|
366
|
+
if (c === 0x00 || c === 0x7f || (c < 0x20 && c !== 0x09)) { // RFC 5322 control + TAB allow
|
|
367
367
|
return true;
|
|
368
368
|
}
|
|
369
369
|
}
|
|
@@ -371,7 +371,7 @@ function _hasControlChar(s) {
|
|
|
371
371
|
}
|
|
372
372
|
|
|
373
373
|
function _trunc(s) {
|
|
374
|
-
if (s.length <= 64) return s; //
|
|
374
|
+
if (s.length <= 64) return s; // error-message truncation
|
|
375
375
|
return s.slice(0, 60) + "…"; // allow:raw-time-literal — char count for error-message truncation, not seconds
|
|
376
376
|
}
|
|
377
377
|
|
|
@@ -42,9 +42,9 @@ var GuardMailComposeError = defineClass("GuardMailComposeError", { alwaysPermane
|
|
|
42
42
|
var DEFAULT_PROFILE = "strict";
|
|
43
43
|
|
|
44
44
|
var PROFILES = Object.freeze({
|
|
45
|
-
strict: { maxRecipients: 100, maxAttachmentBytes: 26214400, maxSubjectBytes: 998 }, //
|
|
46
|
-
balanced: { maxRecipients: 500, maxAttachmentBytes: 52428800, maxSubjectBytes: 998 }, //
|
|
47
|
-
permissive: { maxRecipients: 2000, maxAttachmentBytes: 104857600, maxSubjectBytes: 998 }, //
|
|
45
|
+
strict: { maxRecipients: 100, maxAttachmentBytes: 26214400, maxSubjectBytes: 998 }, // 25 MiB, RFC 5322 §2.1.1 line cap
|
|
46
|
+
balanced: { maxRecipients: 500, maxAttachmentBytes: 52428800, maxSubjectBytes: 998 }, // 50 MiB
|
|
47
|
+
permissive: { maxRecipients: 2000, maxAttachmentBytes: 104857600, maxSubjectBytes: 998 }, // 100 MiB
|
|
48
48
|
});
|
|
49
49
|
|
|
50
50
|
var COMPLIANCE_POSTURES = Object.freeze({
|
|
@@ -239,7 +239,7 @@ function _checkBody(body, profile, allowAlt) {
|
|
|
239
239
|
function _checkHeaderValue(v, label) {
|
|
240
240
|
for (var i = 0; i < v.length; i += 1) {
|
|
241
241
|
var c = v.charCodeAt(i);
|
|
242
|
-
if ((c < 0x20 && c !== 0x09) || c === 0x7F) { //
|
|
242
|
+
if ((c < 0x20 && c !== 0x09) || c === 0x7F) { // C0 + DEL refusal in header
|
|
243
243
|
throw new GuardMailComposeError("mail-compose/control-char-in-header",
|
|
244
244
|
"guardMailCompose.validate: control char 0x" + c.toString(16) + " in " + label);
|
|
245
245
|
}
|
package/lib/guard-mail-move.js
CHANGED
|
@@ -40,9 +40,9 @@ var GuardMailMoveError = defineClass("GuardMailMoveError", { alwaysPermanent: tr
|
|
|
40
40
|
var DEFAULT_PROFILE = "strict";
|
|
41
41
|
|
|
42
42
|
var PROFILES = Object.freeze({
|
|
43
|
-
strict: { maxObjectIds: 1000, maxFolderNameBytes: 255 },
|
|
44
|
-
balanced: { maxObjectIds: 5000, maxFolderNameBytes: 255 },
|
|
45
|
-
permissive: { maxObjectIds: 50000, maxFolderNameBytes: 1024 },
|
|
43
|
+
strict: { maxObjectIds: 1000, maxFolderNameBytes: 255 },
|
|
44
|
+
balanced: { maxObjectIds: 5000, maxFolderNameBytes: 255 },
|
|
45
|
+
permissive: { maxObjectIds: 50000, maxFolderNameBytes: 1024 },
|
|
46
46
|
});
|
|
47
47
|
|
|
48
48
|
var COMPLIANCE_POSTURES = Object.freeze({
|
|
@@ -167,11 +167,11 @@ function _checkFolderName(name, label, profile) {
|
|
|
167
167
|
}
|
|
168
168
|
for (var i = 0; i < name.length; i += 1) {
|
|
169
169
|
var c = name.charCodeAt(i);
|
|
170
|
-
if (c < 0x20 || c === 0x7F) { //
|
|
170
|
+
if (c < 0x20 || c === 0x7F) { // C0 + DEL refusal
|
|
171
171
|
throw new GuardMailMoveError("mail-move/control-char-in-name",
|
|
172
172
|
"guardMailMove.validate: " + label + " contains control char 0x" + c.toString(16));
|
|
173
173
|
}
|
|
174
|
-
if (c === 0x2F) { //
|
|
174
|
+
if (c === 0x2F) { // '/' refusal
|
|
175
175
|
throw new GuardMailMoveError("mail-move/slash-in-name",
|
|
176
176
|
"guardMailMove.validate: " + label + " contains '/' (use IMAP '.' hierarchy separator)");
|
|
177
177
|
}
|
package/lib/guard-mail-query.js
CHANGED
|
@@ -33,9 +33,9 @@ var GuardMailQueryError = defineClass("GuardMailQueryError", { alwaysPermanent:
|
|
|
33
33
|
var DEFAULT_PROFILE = "strict";
|
|
34
34
|
|
|
35
35
|
var PROFILES = Object.freeze({
|
|
36
|
-
strict: { maxDepth: 8, maxKeys: 64, maxStringBytes: 8192, maxArrayLen: 256 }, //
|
|
37
|
-
balanced: { maxDepth: 16, maxKeys: 128, maxStringBytes: 16384, maxArrayLen: 1024 },
|
|
38
|
-
permissive: { maxDepth: 24, maxKeys: 512, maxStringBytes: 65536, maxArrayLen: 4096 },
|
|
36
|
+
strict: { maxDepth: 8, maxKeys: 64, maxStringBytes: 8192, maxArrayLen: 256 }, // caps for filter spec
|
|
37
|
+
balanced: { maxDepth: 16, maxKeys: 128, maxStringBytes: 16384, maxArrayLen: 1024 },
|
|
38
|
+
permissive: { maxDepth: 24, maxKeys: 512, maxStringBytes: 65536, maxArrayLen: 4096 },
|
|
39
39
|
});
|
|
40
40
|
|
|
41
41
|
var COMPLIANCE_POSTURES = Object.freeze({
|
package/lib/guard-mail-reply.js
CHANGED
|
@@ -36,9 +36,9 @@ var GuardMailReplyError = defineClass("GuardMailReplyError", { alwaysPermanent:
|
|
|
36
36
|
var DEFAULT_PROFILE = "strict";
|
|
37
37
|
|
|
38
38
|
var PROFILES = Object.freeze({
|
|
39
|
-
strict: { maxChainLength: 100, maxQuotedBytes: 524288, maxForwardedAttachments: 32 }, //
|
|
40
|
-
balanced: { maxChainLength: 500, maxQuotedBytes: 2097152, maxForwardedAttachments: 128 }, //
|
|
41
|
-
permissive: { maxChainLength: 2000, maxQuotedBytes: 10485760, maxForwardedAttachments: 512 }, //
|
|
39
|
+
strict: { maxChainLength: 100, maxQuotedBytes: 524288, maxForwardedAttachments: 32 }, // chain count + 512 KiB
|
|
40
|
+
balanced: { maxChainLength: 500, maxQuotedBytes: 2097152, maxForwardedAttachments: 128 }, // chain count + 2 MiB
|
|
41
|
+
permissive: { maxChainLength: 2000, maxQuotedBytes: 10485760, maxForwardedAttachments: 512 }, // chain count + 10 MiB
|
|
42
42
|
});
|
|
43
43
|
|
|
44
44
|
var COMPLIANCE_POSTURES = Object.freeze({
|
package/lib/guard-mail-sieve.js
CHANGED
|
@@ -39,9 +39,9 @@ var GuardMailSieveError = defineClass("GuardMailSieveError", { alwaysPermanent:
|
|
|
39
39
|
var DEFAULT_PROFILE = "strict";
|
|
40
40
|
|
|
41
41
|
var PROFILES = Object.freeze({
|
|
42
|
-
strict: { maxScriptBytes: 65536, maxNameBytes: 256, maxLines: 2000 },
|
|
43
|
-
balanced: { maxScriptBytes: 262144, maxNameBytes: 256, maxLines: 10000 },
|
|
44
|
-
permissive: { maxScriptBytes: 1048576, maxNameBytes: 1024, maxLines: 50000 },
|
|
42
|
+
strict: { maxScriptBytes: 65536, maxNameBytes: 256, maxLines: 2000 },
|
|
43
|
+
balanced: { maxScriptBytes: 262144, maxNameBytes: 256, maxLines: 10000 },
|
|
44
|
+
permissive: { maxScriptBytes: 1048576, maxNameBytes: 1024, maxLines: 50000 },
|
|
45
45
|
});
|
|
46
46
|
|
|
47
47
|
var COMPLIANCE_POSTURES = Object.freeze({
|
|
@@ -112,7 +112,7 @@ function validate(op, opts) {
|
|
|
112
112
|
// but blows up later parser stages; refuse here).
|
|
113
113
|
var lineCount = 1;
|
|
114
114
|
for (var i = 0; i < op.script.length; i += 1) {
|
|
115
|
-
if (op.script.charCodeAt(i) === 0x0A) lineCount += 1; //
|
|
115
|
+
if (op.script.charCodeAt(i) === 0x0A) lineCount += 1; // LF
|
|
116
116
|
}
|
|
117
117
|
if (lineCount > profile.maxLines) {
|
|
118
118
|
throw new GuardMailSieveError("mail-sieve/too-many-lines",
|
|
@@ -123,7 +123,7 @@ function validate(op, opts) {
|
|
|
123
123
|
// text-only per RFC 5228 §1.4).
|
|
124
124
|
for (var j = 0; j < op.script.length; j += 1) {
|
|
125
125
|
var c = op.script.charCodeAt(j);
|
|
126
|
-
if (c === 0x00 || (c < 0x20 && c !== 0x09 && c !== 0x0A && c !== 0x0D) || c === 0x7F) { //
|
|
126
|
+
if (c === 0x00 || (c < 0x20 && c !== 0x09 && c !== 0x0A && c !== 0x0D) || c === 0x7F) { // NUL / C0 except TAB/LF/CR / DEL refusal
|
|
127
127
|
throw new GuardMailSieveError("mail-sieve/control-char-in-script",
|
|
128
128
|
"guardMailSieve.validate: control char 0x" + c.toString(16) + " at offset " + j);
|
|
129
129
|
}
|
|
@@ -177,7 +177,7 @@ function _checkName(name, profile) {
|
|
|
177
177
|
}
|
|
178
178
|
for (var i = 0; i < name.length; i += 1) {
|
|
179
179
|
var c = name.charCodeAt(i);
|
|
180
|
-
if (c < 0x20 || c === 0x7F || c === 0x2F || c === 0x5C) { //
|
|
180
|
+
if (c < 0x20 || c === 0x7F || c === 0x2F || c === 0x5C) { // C0 / DEL / slash / backslash refusal
|
|
181
181
|
throw new GuardMailSieveError("mail-sieve/bad-name-char",
|
|
182
182
|
"guardMailSieve.validate: op.name contains forbidden char 0x" + c.toString(16));
|
|
183
183
|
}
|
|
@@ -109,25 +109,25 @@ var DEFAULT_PROFILE = "strict";
|
|
|
109
109
|
|
|
110
110
|
var PROFILES = Object.freeze({
|
|
111
111
|
strict: {
|
|
112
|
-
maxLineBytes: 8192, //
|
|
113
|
-
maxScriptBytes: 65536, //
|
|
114
|
-
maxScriptNameBytes: 512, //
|
|
112
|
+
maxLineBytes: 8192, // 8 KiB per-line cap (strict)
|
|
113
|
+
maxScriptBytes: 65536, // 64 KiB script cap (matches safeSieve strict)
|
|
114
|
+
maxScriptNameBytes: 512, // RFC 5804 §2.1 script-name cap
|
|
115
115
|
allowBareLf: false,
|
|
116
116
|
allowCleartextAuth: false,
|
|
117
|
-
allowLiteralPlus: true, // RFC 7888 LITERAL+ accepted under strict (operator MAY refuse via opts.allowLiteralPlus=false) //
|
|
117
|
+
allowLiteralPlus: true, // RFC 7888 LITERAL+ accepted under strict (operator MAY refuse via opts.allowLiteralPlus=false) // RFC number
|
|
118
118
|
},
|
|
119
119
|
balanced: {
|
|
120
|
-
maxLineBytes: 16384, //
|
|
121
|
-
maxScriptBytes: 262144, //
|
|
122
|
-
maxScriptNameBytes: 512, //
|
|
120
|
+
maxLineBytes: 16384, // 16 KiB per-line cap (balanced)
|
|
121
|
+
maxScriptBytes: 262144, // 256 KiB script cap (matches safeSieve balanced)
|
|
122
|
+
maxScriptNameBytes: 512, // RFC 5804 §2.1 script-name cap
|
|
123
123
|
allowBareLf: false,
|
|
124
124
|
allowCleartextAuth: false,
|
|
125
125
|
allowLiteralPlus: true,
|
|
126
126
|
},
|
|
127
127
|
permissive: {
|
|
128
|
-
maxLineBytes: 65536, //
|
|
129
|
-
maxScriptBytes: 1048576, //
|
|
130
|
-
maxScriptNameBytes: 512, //
|
|
128
|
+
maxLineBytes: 65536, // 64 KiB per-line cap (permissive)
|
|
129
|
+
maxScriptBytes: 1048576, // 1 MiB script cap (matches safeSieve permissive)
|
|
130
|
+
maxScriptNameBytes: 512, // RFC 5804 §2.1 script-name cap
|
|
131
131
|
allowBareLf: true,
|
|
132
132
|
allowCleartextAuth: true,
|
|
133
133
|
allowLiteralPlus: true,
|
|
@@ -231,16 +231,16 @@ function validate(line, opts) {
|
|
|
231
231
|
var inQuote = false;
|
|
232
232
|
for (var i = 0; i < line.length; i += 1) {
|
|
233
233
|
var c = line.charCodeAt(i);
|
|
234
|
-
if (c === 0x22 && !_isEscaped(line, i)) { //
|
|
234
|
+
if (c === 0x22 && !_isEscaped(line, i)) { // DQUOTE
|
|
235
235
|
inQuote = !inQuote;
|
|
236
236
|
continue;
|
|
237
237
|
}
|
|
238
238
|
if (inQuote) continue;
|
|
239
|
-
if (c === 0x00 || c === 0x7F || (c < 0x20 && c !== 0x09)) { //
|
|
239
|
+
if (c === 0x00 || c === 0x7F || (c < 0x20 && c !== 0x09)) { // control-byte refusal
|
|
240
240
|
if (c === 0x0A && caps.allowBareLf) continue;
|
|
241
241
|
throw new GuardManageSieveCommandError("guard-managesieve-command/bad-byte",
|
|
242
242
|
"guardManageSieveCommand.validate: control byte 0x" +
|
|
243
|
-
c.toString(16) + " at offset " + i); //
|
|
243
|
+
c.toString(16) + " at offset " + i); // base-16 toString radix
|
|
244
244
|
}
|
|
245
245
|
}
|
|
246
246
|
if (inQuote) {
|
|
@@ -322,7 +322,7 @@ function _validateAuthenticate(rest, caps, profileName, opts) {
|
|
|
322
322
|
// Base64-initial-response cap: bound by the script-name cap
|
|
323
323
|
// (initial-response is a SASL token, not a script body; 4 KiB
|
|
324
324
|
// is generous).
|
|
325
|
-
if (n > 4096) { //
|
|
325
|
+
if (n > 4096) { // 4 KiB SASL initial-response cap
|
|
326
326
|
throw new GuardManageSieveCommandError("guard-managesieve-command/literal-too-large",
|
|
327
327
|
"guardManageSieveCommand.validate: AUTHENTICATE initial-response " +
|
|
328
328
|
n + " bytes exceeds 4096-byte cap");
|
|
@@ -463,26 +463,26 @@ function _validateRenamescript(rest, caps) {
|
|
|
463
463
|
// Returns null if `s` does not begin with a DQUOTE. RFC 5804 §1.2
|
|
464
464
|
// quoted strings allow UTF-8 content and `\"` / `\\` escape sequences.
|
|
465
465
|
function _parseQuotedString(s) {
|
|
466
|
-
if (s.length === 0 || s.charCodeAt(0) !== 0x22) return null; //
|
|
466
|
+
if (s.length === 0 || s.charCodeAt(0) !== 0x22) return null; // DQUOTE
|
|
467
467
|
var out = "";
|
|
468
468
|
var i = 1;
|
|
469
469
|
while (i < s.length) {
|
|
470
470
|
var c = s.charCodeAt(i);
|
|
471
|
-
if (c === 0x5C) { //
|
|
471
|
+
if (c === 0x5C) { // backslash escape
|
|
472
472
|
if (i + 1 >= s.length) return null;
|
|
473
473
|
var esc = s.charCodeAt(i + 1);
|
|
474
|
-
if (esc === 0x22) { out += '"'; i += 2; continue; } //
|
|
475
|
-
if (esc === 0x5C) { out += "\\"; i += 2; continue; } //
|
|
474
|
+
if (esc === 0x22) { out += '"'; i += 2; continue; } // DQUOTE
|
|
475
|
+
if (esc === 0x5C) { out += "\\"; i += 2; continue; } // backslash
|
|
476
476
|
return null;
|
|
477
477
|
}
|
|
478
|
-
if (c === 0x22) { //
|
|
478
|
+
if (c === 0x22) { // closing DQUOTE
|
|
479
479
|
var rest = s.slice(i + 1);
|
|
480
480
|
// Trim leading whitespace from rest.
|
|
481
481
|
var k = 0;
|
|
482
|
-
while (k < rest.length && (rest.charCodeAt(k) === 0x20 || rest.charCodeAt(k) === 0x09)) k += 1; //
|
|
482
|
+
while (k < rest.length && (rest.charCodeAt(k) === 0x20 || rest.charCodeAt(k) === 0x09)) k += 1; // SP / HTAB
|
|
483
483
|
return { value: out, rest: rest.slice(k) };
|
|
484
484
|
}
|
|
485
|
-
if (c === 0x00 || c === 0x0D || c === 0x0A) return null; //
|
|
485
|
+
if (c === 0x00 || c === 0x0D || c === 0x0A) return null; // NUL/CR/LF refused in quoted strings
|
|
486
486
|
out += s[i];
|
|
487
487
|
i += 1;
|
|
488
488
|
}
|
|
@@ -495,7 +495,7 @@ function _parseQuotedString(s) {
|
|
|
495
495
|
function _isEscaped(line, i) {
|
|
496
496
|
var n = 0;
|
|
497
497
|
var j = i - 1;
|
|
498
|
-
while (j >= 0 && line.charCodeAt(j) === 0x5C) { n += 1; j -= 1; } //
|
|
498
|
+
while (j >= 0 && line.charCodeAt(j) === 0x5C) { n += 1; j -= 1; } // backslash count
|
|
499
499
|
return (n & 1) === 1;
|
|
500
500
|
}
|
|
501
501
|
|
|
@@ -513,12 +513,12 @@ function _checkScriptName(name, caps) {
|
|
|
513
513
|
_checkScriptNameBytes(name, caps);
|
|
514
514
|
for (var i = 0; i < name.length; i += 1) {
|
|
515
515
|
var c = name.charCodeAt(i);
|
|
516
|
-
if (c === 0x2F || c === 0x5C) { //
|
|
516
|
+
if (c === 0x2F || c === 0x5C) { // forward-slash + backslash refused
|
|
517
517
|
throw new GuardManageSieveCommandError("guard-managesieve-command/bad-name-byte",
|
|
518
518
|
"guardManageSieveCommand.validate: script-name byte 0x" +
|
|
519
|
-
c.toString(16) + " refused (RFC 5804 §2.1)"); //
|
|
519
|
+
c.toString(16) + " refused (RFC 5804 §2.1)"); // base-16 toString radix
|
|
520
520
|
}
|
|
521
|
-
if (c === 0x00) { //
|
|
521
|
+
if (c === 0x00) { // NUL refused
|
|
522
522
|
throw new GuardManageSieveCommandError("guard-managesieve-command/bad-name-byte",
|
|
523
523
|
"guardManageSieveCommand.validate: NUL byte refused in script-name (RFC 5804 §2.1)");
|
|
524
524
|
}
|