ac-sanitizer 3.9.5 → 3.9.9

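--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -1,3 +1,43 @@
+ <a name="3.9.9"></a>
+
+ ## [3.9.9](https://github.com/mmpro/ac-sanitizer/compare/v3.9.8..v3.9.9) (2022-01-20 14:57:41)
+
+
+ ### Bug Fix
+
+ * **App:** Update ac-file-extensions package | VD | [13eeb3dccd0154943a08913f719db9df9739582b](https://github.com/mmpro/ac-sanitizer/commit/13eeb3dccd0154943a08913f719db9df9739582b)
+ Update ac-file-extensions package
+ <a name="3.9.8"></a>
+
+ ## [3.9.8](https://github.com/mmpro/ac-sanitizer/compare/v3.9.7..v3.9.8) (2021-11-27 13:26:51)
+
+
+ ### Bug Fix
+
+ * **App:** Package updates | MP | [fa9229b239f26f4e95097b0924c2811f64473639](https://github.com/mmpro/ac-sanitizer/commit/fa9229b239f26f4e95097b0924c2811f64473639)
+ Package updates, incl ac-fileExetnsion 2 (minor code change)
+ ### Documentation
+
+ * **App:** Minor documentation updates | MP | [d3c407c5502b5b8f7bc6479c65afa87567c26ddf](https://github.com/mmpro/ac-sanitizer/commit/d3c407c5502b5b8f7bc6479c65afa87567c26ddf)
+ Minor documentation updates for requirements with conditions. Added FQDN to README
+ <a name="3.9.7"></a>
+
+ ## [3.9.7](https://github.com/mmpro/ac-sanitizer/compare/v3.9.6..v3.9.7) (2021-10-09 17:33:05)
+
+
+ ### Bug Fix
+
+ * **App:** Fix for base64 | MP | [3e83ac766bf2157bdbc5fe8e05da839f85f49c07](https://github.com/mmpro/ac-sanitizer/commit/3e83ac766bf2157bdbc5fe8e05da839f85f49c07)
+ Make sure base64 value is a string
+ <a name="3.9.6"></a>
+
+ ## [3.9.6](https://github.com/mmpro/ac-sanitizer/compare/v3.9.5..v3.9.6) (2021-10-09 10:15:18)
+
+
+ ### Bug Fix
+
+ * **App:** Package updates | MP | [d048ae6ba782418cdf24762c17ad456dc6299d9e](https://github.com/mmpro/ac-sanitizer/commit/d048ae6ba782418cdf24762c17ad456dc6299d9e)
+ Package updates
  <a name="3.9.5"></a>
 
  ## [3.9.5](https://github.com/mmpro/ac-sanitizer/compare/v3.9.4..v3.9.5) (2021-06-18 10:52:58)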
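--- a/package/README.md
+++ b/package/README.md
@@ -46,13 +46,15 @@ Parameter | Type | Remarks
  --- | --- | --- |
  field | string | Name of the field
  type | string | Type of the field to sanitize, see below for available values
- required | [boolean|string] | Set to true if required or set a path to a param (if that param is set, this value is required)
+ required | [boolean OR string] | Set to true if required or set a path[^1] to a param (if that param is set, this value is required)
  enum | [array|string] | Optional list of allowed values. You can a string placeholder for certain standard lists (see below)
  adminLevel | [integer] | Optional adminLevel required for this field
  omitFields | [boolean] | If adminLevel is set and you do not have the proper adminLevel the sanitizer will just omit the field (and not return an error) if omitFields is true
  convert | [boolean|string] | Some types can be automatically converted (e.g. base64 to string)
  valueType | [string] | Use it to sanitize values of an array by defining the allowed type here
 
+ [^1]: The path must be set with the parent propery as root, e.g. the actual field is settings.video.width, in property video the condition is then just "width" not the full path.
+
  ### ENUM lists
  The following enum lists are available using a string placeholder
 
@@ -72,6 +74,7 @@ boolean | |
  cidr | | Check CIDR, see example
  integer \| boolean | | Value can be an integer OR a boolean
  date | dateFormat | Date or date time, support various date formats (e.g. DD.MM.YYYY, DD/MM/YYYY, YYYY-MM-DD, etc) as well as a custom format defined in dateFormat.
+ fqdn | wildcardAllowed (bool) | Fully qualified domain names, optional with wildcard subdomain (e.g. *.admiralcloud.com)
  email | | a@b.c
  float | | 0 - 2^31
  fileExtension | |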
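--- a/package/index.js
+++ b/package/index.js
@@ -264,14 +264,15 @@ const sanitizer = function() {
  }
  else if (field.type === 'base64') {
  if (!_.isString(value)) error = { message: fieldName + '_mustBeString' }
-
- // value must have a length that can be divided by 4, otherwise it needs padding with =
- // https://en.wikipedia.org/wiki/Base64#Padding
- let l = value.length
- let pad = l % 4
- if (!validator.isBase64(_.padEnd(value, (l+pad), '='))) error = { message: fieldName + '_notABase64String' }
- if (field.convert) {
- _.set(paramsToCheck, fieldName, Buffer.from(value, 'base64').toString())
+ else {
+ // value must have a length that can be divided by 4, otherwise it needs padding with =
+ // https://en.wikipedia.org/wiki/Base64#Padding
+ let l = value.length
+ let pad = l % 4
+ if (!validator.isBase64(_.padEnd(value, (l+pad), '='))) error = { message: fieldName + '_notABase64String' }
+ else if (field.convert) {
+ _.set(paramsToCheck, fieldName, Buffer.from(value, 'base64').toString())
+ }
  }
  }
  else if (field.type === 'countryCode') {
@@ -281,7 +282,7 @@ const sanitizer = function() {
  }
  else if (field.type === 'fileExtension') {
  value = _.toLower(value)
- if (!_.find(fileExtensions, { ext: value })) {
+ if (!fileExtensions.query({ ext: value })) {
  error = { message: fieldName + '_' + getTypeMapping(field.type, 'errorMessage') }
  }
  _.set(paramsToCheck, fieldName, value)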
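Review bot: The padding length in the base64 branch is still computed as `let pad = l % 4`, which is the remainder and not the number of `=` characters missing, so it is only correct when the remainder is 0 or 2; an unpadded value whose length leaves remainder 3 gets three `=` appended by `_.padEnd(value, (l+pad), '=')` and is rejected as `_notABase64String`. The count of missing characters is `const pad = (4 - (l % 4)) % 4`. The 'Invalid base64' fixture `abc1245` shown in the test hunk appears to be rejected only because of this over-padding, so its expectation needs a second look if the formula changes. A comment above the `else if (field.convert)` line would also help callers, for example `// decoded output is written back as-is and is not re-sanitized; treat it as untrusted text`. The enclosing sanitizer function starts and ends outside this hunk.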
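--- a/package/package.json
+++ b/package/package.json
@@ -1,25 +1,25 @@
  {
  "name": "ac-sanitizer",
  "description": "Sanitites payloads based on given field definitions",
- "author": "Mark Poepping (https://www.mmpro.de)",
+ "author": "Mark Poepping (https://www.admiralcloud.com)",
  "license": "MIT",
- "repository": "mmpro/ac-sanitizer",
- "version": "3.9.5",
+ "repository": "admiralcloud/ac-sanitizer",
+ "version": "3.9.9",
  "homepage": "https://www.admiralcloud.com",
  "dependencies": {
- "ac-countrylist": "^1.0.5",
- "ac-file-extensions": "^1.2.0",
- "ac-ip": "^1.3.5",
- "date-and-time": "^1.0.1",
- "hashids": "^2.2.8",
+ "ac-countrylist": "^1.0.6",
+ "ac-file-extensions": "^2.0.1",
+ "ac-ip": "^1.3.6",
+ "date-and-time": "^2.0.1",
+ "hashids": "^2.2.10",
  "lodash": "^4.17.21",
- "validator": "^13.6.0"
+ "validator": "^13.7.0"
  },
  "devDependencies": {
- "ac-semantic-release": "^0.2.6",
- "eslint": "^7.28.0",
- "expect": "^27.0.2",
- "mocha": "^9.0.0",
+ "ac-semantic-release": "^0.2.7",
+ "eslint": "^8.3.0",
+ "expect": "^27.3.1",
+ "mocha": "^9.1.3",
  "nyc": "^15.1.0"
  },
  "scripts": {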
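Review bot: Two runtime dependencies cross a major version inside what is published as a patch-level release: `"ac-file-extensions": "^2.0.1"` and `"date-and-time": "^2.0.1"`. The fileExtension call site in index.js is adapted in this diff, but no change to the date handling is visible here, so it is worth confirming that the `date` type still accepts and rejects the same inputs under the new major before consumers pick this up through a caret range. The `repository` field also moves from `mmpro/ac-sanitizer` to `admiralcloud/ac-sanitizer` while the new CHANGELOG entries still link to the old organisation; consumers who verify package provenance would benefit from those links matching the declared repository.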
@@ -11,6 +11,7 @@ module.exports = {
11
11
  { name: 'Valid base64 with convert', type: 'base64', convert: true, value: 'dGhpcyBpcyBhIGJhc2U2NCBzdHJpbmc=', expected: 'this is a base64 string' },
12
12
  { name: 'Invalid base64', type: 'base64', value: 'abc1245', error: 'base64_notABase64String' },
13
13
  { name: 'Valid base64', type: 'base64', value: 'PDw/Pz8+Pg==', convert: true, expected: '<<???>>' },
14
+ { name: 'Invalid base64 with convert', type: 'base64', convert: true, value: 123, error: 'base64_mustBeString' },
14
15
  { name: 'Base64 app.admiralcloud.com - requires padding', type: 'base64', value: 'aHR0cHM6Ly9hcHAuYWRtaXJhbGNsb3VkLmNvbQ', convert: true, expected: 'https://app.admiralcloud.com' },
15
16
  { name: 'Base64 app.admiralcloud.com - with padding', type: 'base64', value: 'aHR0cHM6Ly9hcHAuYWRtaXJhbGNsb3VkLmNvbQ==', convert: true, expected: 'https://app.admiralcloud.com' },
16
17
  ]