@umituz/react-native-validation 1.4.2 → 1.4.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@umituz/react-native-validation",
-  "version": "1.4.2",
+  "version": "1.4.4",
   "description": "Comprehensive validation and sanitization utilities for React Native forms",
   "main": "./src/index.ts",
   "types": "./src/index.ts",
@@ -42,4 +42,4 @@
     "README.md",
     "LICENSE"
   ]
-}
+}

package/src/domain/entities/ValidationResult.ts

@@ -0,0 +1,15 @@
+/**
+ * Validation Result Interface
+ * Represents the outcome of a validation operation
+ */
+export interface ValidationResult {
+  /**
+   * Whether the validation passed
+   */
+  isValid: boolean;
+
+  /**
+   * Error message if validation failed
+   */
+  error?: string;
+}

package/src/infrastructure/utils/sanitization.ts

@@ -0,0 +1,92 @@
+/**
+ * Sanitization Utilities
+ * Functions to clean and secure user input
+ */
+
+export const SECURITY_LIMITS = {
+    EMAIL_MAX_LENGTH: 254,
+    PASSWORD_MAX_LENGTH: 128, // Reasonable limit for hash algorithms
+    NAME_MAX_LENGTH: 50,
+    TEXT_MAX_LENGTH: 1000,
+    URL_MAX_LENGTH: 2048,
+};
+
+/**
+ * Sanitize whitespace from a string
+ * Removes leading/trailing whitespace and replaces multiple spaces with single space
+ */
+export const sanitizeWhitespace = (value: string): string => {
+    if (!value) return '';
+    return value.trim().replace(/\s+/g, ' ');
+};
+
+/**
+ * Sanitize email
+ * Trims, lowercases, and removes dangerous characters
+ */
+export const sanitizeEmail = (email: string): string => {
+    if (!email) return '';
+    // Basic sanitization: trim and lowercase
+    let sanitized = email.trim().toLowerCase();
+    // Remove potential dangerous characters that shouldn't be in an email
+    // < > " ' `
+    sanitized = sanitized.replace(/[<>"'`]/g, '');
+    return sanitized;
+};
+
+/**
+ * Sanitize password
+ * No whitespace trimming often (some allow spaces), but good to enforce consistent handling
+ * Here we only strictly ensure it's a string, we DO NOT trim passwords usually to avoid confusion,
+ * but for this utility we will assume standard string behavior.
+ * actually it's safer NOT to modify password input other than ensuring it is a string.
+ */
+export const sanitizePassword = (password: string): string => {
+    if (!password) return '';
+    return password;
+};
+
+/**
+ * Sanitize name
+ * Trims and removes special characters that are typically not in names (simple version)
+ */
+export const sanitizeName = (name: string): string => {
+    if (!name) return '';
+    // Remove < > " ' ` / \
+    return sanitizeWhitespace(name).replace(/[<>"'`/\\]/g, '');
+};
+
+/**
+ * Sanitize generic text
+ * Escapes HTML characters to prevent simple injection if rendered
+ * (Note: React handles this by default, but useful for raw data handling)
+ */
+export const sanitizeText = (text: string): string => {
+    if (!text) return '';
+    const trimmed = text.trim();
+    return trimmed
+        .replace(/&/g, '&amp;')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&#039;');
+};
+
+/**
+ * Check for dangerous characters
+ * Returns true if string contains characters often used in attacks (<, >, etc)
+ */
+export const containsDangerousChars = (value: string): boolean => {
+    if (!value) return false;
+    // Check for script tags or SQL injection common chars
+    const dangerousPattern = /[<>;]/;
+    return dangerousPattern.test(value);
+};
+
+/**
+ * Check if value is within length limits
+ */
+export const isWithinLengthLimit = (value: string, limit: number): boolean => {
+    if (!value) return true;
+    return value.length <= limit;
+};