@exortek/express-mongo-sanitize 1.1.0 → 1.1.1
- package/index.js +19 -4
- package/package.json +1 -1
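--- a/package/index.js
+++ b/package/index.js
@@ -143,7 +143,7 @@ const isPlainObject = (obj) => !!obj && Object.prototype.toString.call(obj) ===
 */
 const isObjectEmpty = (obj) => {
 if (!isPlainObject(obj)) return false;
-return !Object.
+return !Object.keys(obj).length;
 };
 
 /**
@@ -179,6 +179,9 @@ const isFunction = (value) => typeof value === 'function';
 * @extends Error
 */
 class ExpressMongoSanitizeError extends Error {
+cause;
+message;
+stack;
 /**
 * Creates a new ExpressMongoSanitizeError.
 * @param {string} message - Error message
@@ -190,6 +193,14 @@ class ExpressMongoSanitizeError extends Error {
 this.type = type;
 Error.captureStackTrace(this, this.constructor);
 }
+
+code() {
+return this.type;
+}
+
+view() {
+return `${this.name} [${this.type}]: ${this.message}\n${this.stack}`;
+}
 }
 
 /**
@@ -371,9 +382,13 @@ const handleRequest = (request, options) => {
 }
 if (isWritable(request, sanitizeObject)) {
 request[sanitizeObject] = sanitized;
-} else if (
-Object.
-
+} else if (isPlainObject(request[sanitizeObject]) && sanitizeObject === 'query') {
+Object.defineProperty(request, 'query', {
+value: Object.setPrototypeOf(sanitized, null),
+writable: true,
+enumerable: true,
+configurable: true,
+});
 }
 }
 });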
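Review bot: The `if (isWritable(request, sanitizeObject)) … else if (… && sanitizeObject === 'query')` chain in the handleRequest hunk has no final branch, so when the target is neither writable nor a plain-object `query`, `sanitized` is discarded and the request carries on with the original, unsanitized value. For a sanitizer that is a silent fail-open; a closing `} else { throw new ExpressMongoSanitizeError('could not replace request.' + sanitizeObject, ERROR_TYPE); }` would surface it, where `ERROR_TYPE` is a placeholder for one of the module's existing type values and the (message, type) argument order is inferred from the constructor lines visible here. handleRequest begins outside the hunk, so any handling further up is not visible. Separately, the bare `cause; message; stack;` fields added to ExpressMongoSanitizeError are initialised to `undefined` as soon as `super()` returns, so unless the constructor lines outside the hunk reassign `message`, it is lost and `view()` prints `undefined`; removing the three declarations avoids that.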
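--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@exortek/express-mongo-sanitize",
-"version": "1.1.
+"version": "1.1.1",
 "description": "A comprehensive Express middleware designed to protect your No(n)SQL queries from injection attacks by sanitizing request data. This middleware provides flexible sanitization options for request bodies, parameters, and query strings.",
 "main": "index.js",
 "type": "commonjs",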