hppx 0.1.6 → 0.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +9 -4
- package/src/index.d.cts +19 -23
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "hppx",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.8",
|
|
4
4
|
"description": "Superior HTTP Parameter Pollution protection middleware with modern TypeScript, robust sanitizer, and extensive tests.",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"author": "Hiprax",
|
|
@@ -18,9 +18,14 @@
|
|
|
18
18
|
"types": "dist/index.d.ts",
|
|
19
19
|
"exports": {
|
|
20
20
|
".": {
|
|
21
|
-
"
|
|
22
|
-
|
|
23
|
-
|
|
21
|
+
"import": {
|
|
22
|
+
"types": "./dist/index.d.ts",
|
|
23
|
+
"default": "./dist/index.mjs"
|
|
24
|
+
},
|
|
25
|
+
"require": {
|
|
26
|
+
"types": "./dist/index.d.cts",
|
|
27
|
+
"default": "./dist/index.cjs"
|
|
28
|
+
}
|
|
24
29
|
}
|
|
25
30
|
},
|
|
26
31
|
"files": [
|
package/src/index.d.cts
CHANGED
|
@@ -9,10 +9,10 @@
|
|
|
9
9
|
* - TypeScript-first API
|
|
10
10
|
*/
|
|
11
11
|
|
|
12
|
-
|
|
13
|
-
|
|
12
|
+
type RequestSource = "query" | "body" | "params";
|
|
13
|
+
type MergeStrategy = "keepFirst" | "keepLast" | "combine";
|
|
14
14
|
|
|
15
|
-
|
|
15
|
+
interface SanitizeOptions {
|
|
16
16
|
whitelist?: string[] | string;
|
|
17
17
|
mergeStrategy?: MergeStrategy;
|
|
18
18
|
maxDepth?: number;
|
|
@@ -23,7 +23,7 @@ export interface SanitizeOptions {
|
|
|
23
23
|
preserveNull?: boolean;
|
|
24
24
|
}
|
|
25
25
|
|
|
26
|
-
|
|
26
|
+
interface HppxOptions extends SanitizeOptions {
|
|
27
27
|
sources?: RequestSource[];
|
|
28
28
|
/** When to process req.body */
|
|
29
29
|
checkBodyContentType?: "urlencoded" | "any" | "none";
|
|
@@ -41,34 +41,30 @@ export interface HppxOptions extends SanitizeOptions {
|
|
|
41
41
|
logPollution?: boolean;
|
|
42
42
|
}
|
|
43
43
|
|
|
44
|
-
|
|
44
|
+
interface SanitizedResult<T> {
|
|
45
45
|
cleaned: T;
|
|
46
46
|
pollutedTree: Record<string, unknown>;
|
|
47
47
|
pollutedKeys: string[];
|
|
48
48
|
}
|
|
49
49
|
|
|
50
|
-
export declare const DEFAULT_SOURCES: RequestSource[];
|
|
51
|
-
export declare const DEFAULT_STRATEGY: MergeStrategy;
|
|
52
|
-
export declare const DANGEROUS_KEYS: Set<string>;
|
|
53
|
-
|
|
54
|
-
export declare function sanitize<T extends Record<string, unknown>>(
|
|
55
|
-
input: T,
|
|
56
|
-
options?: SanitizeOptions,
|
|
57
|
-
): T;
|
|
58
|
-
|
|
59
50
|
type ExpressLikeNext = (err?: unknown) => void;
|
|
60
51
|
|
|
61
52
|
/**
|
|
62
|
-
* Main hppx middleware function
|
|
53
|
+
* Main hppx middleware function
|
|
63
54
|
*/
|
|
64
|
-
|
|
65
|
-
(options?: HppxOptions): (req: any, res: any, next: ExpressLikeNext) => any;
|
|
66
|
-
sanitize: typeof sanitize;
|
|
67
|
-
DANGEROUS_KEYS: typeof DANGEROUS_KEYS;
|
|
68
|
-
DEFAULT_SOURCES: typeof DEFAULT_SOURCES;
|
|
69
|
-
DEFAULT_STRATEGY: typeof DEFAULT_STRATEGY;
|
|
70
|
-
}
|
|
55
|
+
declare function hppx(options?: HppxOptions): (req: any, res: any, next: ExpressLikeNext) => any;
|
|
71
56
|
|
|
72
|
-
declare
|
|
57
|
+
declare namespace hppx {
|
|
58
|
+
export type { RequestSource, MergeStrategy, SanitizeOptions, HppxOptions, SanitizedResult };
|
|
59
|
+
|
|
60
|
+
export function sanitize<T extends Record<string, unknown>>(
|
|
61
|
+
input: T,
|
|
62
|
+
options?: SanitizeOptions,
|
|
63
|
+
): T;
|
|
64
|
+
|
|
65
|
+
export const DANGEROUS_KEYS: Set<string>;
|
|
66
|
+
export const DEFAULT_SOURCES: RequestSource[];
|
|
67
|
+
export const DEFAULT_STRATEGY: MergeStrategy;
|
|
68
|
+
}
|
|
73
69
|
|
|
74
70
|
export = hppx;
|