@umituz/react-native-validation 1.4.3 → 1.4.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -0,0 +1,92 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Sanitization Utilities
|
|
3
|
+
* Functions to clean and secure user input
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
export const SECURITY_LIMITS = {
|
|
7
|
+
EMAIL_MAX_LENGTH: 254,
|
|
8
|
+
PASSWORD_MAX_LENGTH: 128, // Reasonable limit for hash algorithms
|
|
9
|
+
NAME_MAX_LENGTH: 50,
|
|
10
|
+
TEXT_MAX_LENGTH: 1000,
|
|
11
|
+
URL_MAX_LENGTH: 2048,
|
|
12
|
+
};
|
|
13
|
+
|
|
14
|
+
/**
|
|
15
|
+
* Sanitize whitespace from a string
|
|
16
|
+
* Removes leading/trailing whitespace and replaces multiple spaces with single space
|
|
17
|
+
*/
|
|
18
|
+
export const sanitizeWhitespace = (value: string): string => {
|
|
19
|
+
if (!value) return '';
|
|
20
|
+
return value.trim().replace(/\s+/g, ' ');
|
|
21
|
+
};
|
|
22
|
+
|
|
23
|
+
/**
|
|
24
|
+
* Sanitize email
|
|
25
|
+
* Trims, lowercases, and removes dangerous characters
|
|
26
|
+
*/
|
|
27
|
+
export const sanitizeEmail = (email: string): string => {
|
|
28
|
+
if (!email) return '';
|
|
29
|
+
// Basic sanitization: trim and lowercase
|
|
30
|
+
let sanitized = email.trim().toLowerCase();
|
|
31
|
+
// Remove potential dangerous characters that shouldn't be in an email
|
|
32
|
+
// < > " ' `
|
|
33
|
+
sanitized = sanitized.replace(/[<>"'`]/g, '');
|
|
34
|
+
return sanitized;
|
|
35
|
+
};
|
|
36
|
+
|
|
37
|
+
/**
|
|
38
|
+
* Sanitize password
|
|
39
|
+
* No whitespace trimming often (some allow spaces), but good to enforce consistent handling
|
|
40
|
+
* Here we only strictly ensure it's a string, we DO NOT trim passwords usually to avoid confusion,
|
|
41
|
+
* but for this utility we will assume standard string behavior.
|
|
42
|
+
* actually it's safer NOT to modify password input other than ensuring it is a string.
|
|
43
|
+
*/
|
|
44
|
+
export const sanitizePassword = (password: string): string => {
|
|
45
|
+
if (!password) return '';
|
|
46
|
+
return password;
|
|
47
|
+
};
|
|
48
|
+
|
|
49
|
+
/**
|
|
50
|
+
* Sanitize name
|
|
51
|
+
* Trims and removes special characters that are typically not in names (simple version)
|
|
52
|
+
*/
|
|
53
|
+
export const sanitizeName = (name: string): string => {
|
|
54
|
+
if (!name) return '';
|
|
55
|
+
// Remove < > " ' ` / \
|
|
56
|
+
return sanitizeWhitespace(name).replace(/[<>"'`/\\]/g, '');
|
|
57
|
+
};
|
|
58
|
+
|
|
59
|
+
/**
|
|
60
|
+
* Sanitize generic text
|
|
61
|
+
* Escapes HTML characters to prevent simple injection if rendered
|
|
62
|
+
* (Note: React handles this by default, but useful for raw data handling)
|
|
63
|
+
*/
|
|
64
|
+
export const sanitizeText = (text: string): string => {
|
|
65
|
+
if (!text) return '';
|
|
66
|
+
const trimmed = text.trim();
|
|
67
|
+
return trimmed
|
|
68
|
+
.replace(/&/g, '&')
|
|
69
|
+
.replace(/</g, '<')
|
|
70
|
+
.replace(/>/g, '>')
|
|
71
|
+
.replace(/"/g, '"')
|
|
72
|
+
.replace(/'/g, ''');
|
|
73
|
+
};
|
|
74
|
+
|
|
75
|
+
/**
|
|
76
|
+
* Check for dangerous characters
|
|
77
|
+
* Returns true if string contains characters often used in attacks (<, >, etc)
|
|
78
|
+
*/
|
|
79
|
+
export const containsDangerousChars = (value: string): boolean => {
|
|
80
|
+
if (!value) return false;
|
|
81
|
+
// Check for script tags or SQL injection common chars
|
|
82
|
+
const dangerousPattern = /[<>;]/;
|
|
83
|
+
return dangerousPattern.test(value);
|
|
84
|
+
};
|
|
85
|
+
|
|
86
|
+
/**
|
|
87
|
+
* Check if value is within length limits
|
|
88
|
+
*/
|
|
89
|
+
export const isWithinLengthLimit = (value: string, limit: number): boolean => {
|
|
90
|
+
if (!value) return true;
|
|
91
|
+
return value.length <= limit;
|
|
92
|
+
};
|