mcp-wordpress 1.2.2 → 1.3.0
- package/README.md +210 -182
- package/dist/cache/CacheInvalidation.d.ts +3 -3
- package/dist/cache/CacheInvalidation.d.ts.map +1 -1
- package/dist/cache/CacheInvalidation.js +119 -119
- package/dist/cache/CacheInvalidation.js.map +1 -1
- package/dist/cache/CacheManager.d.ts +5 -0
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.js +26 -16
- package/dist/cache/CacheManager.js.map +1 -1
- package/dist/cache/HttpCacheWrapper.d.ts +1 -1
- package/dist/cache/HttpCacheWrapper.d.ts.map +1 -1
- package/dist/cache/HttpCacheWrapper.js +29 -29
- package/dist/cache/HttpCacheWrapper.js.map +1 -1
- package/dist/cache/__tests__/CacheInvalidation.test.js +96 -94
- package/dist/cache/__tests__/CacheInvalidation.test.js.map +1 -1
- package/dist/cache/__tests__/CacheManager.test.js +113 -113
- package/dist/cache/__tests__/CacheManager.test.js.map +1 -1
- package/dist/cache/__tests__/CachedWordPressClient.test.js +102 -99
- package/dist/cache/__tests__/CachedWordPressClient.test.js.map +1 -1
- package/dist/cache/__tests__/HttpCacheWrapper.test.js +98 -95
- package/dist/cache/__tests__/HttpCacheWrapper.test.js.map +1 -1
- package/dist/cache/index.d.ts +7 -7
- package/dist/cache/index.d.ts.map +1 -1
- package/dist/cache/index.js +4 -4
- package/dist/cache/index.js.map +1 -1
- package/dist/client/CachedWordPressClient.d.ts +4 -4
- package/dist/client/CachedWordPressClient.d.ts.map +1 -1
- package/dist/client/CachedWordPressClient.js +55 -51
- package/dist/client/CachedWordPressClient.js.map +1 -1
- package/dist/client/api.d.ts +10 -10
- package/dist/client/api.js +158 -158
- package/dist/client/api.js.map +1 -1
- package/dist/client/auth.d.ts +2 -2
- package/dist/client/auth.js +72 -72
- package/dist/client/managers/AuthenticationManager.d.ts +2 -2
- package/dist/client/managers/AuthenticationManager.js +46 -46
- package/dist/client/managers/BaseManager.d.ts +1 -1
- package/dist/client/managers/BaseManager.js +9 -9
- package/dist/client/managers/RequestManager.d.ts +5 -3
- package/dist/client/managers/RequestManager.d.ts.map +1 -1
- package/dist/client/managers/RequestManager.js +39 -19
- package/dist/client/managers/RequestManager.js.map +1 -1
- package/dist/client/managers/index.d.ts +3 -3
- package/dist/client/managers/index.js +3 -3
- package/dist/config/ConfigurationSchema.d.ts +2 -2
- package/dist/config/ConfigurationSchema.d.ts.map +1 -1
- package/dist/config/ConfigurationSchema.js +40 -40
- package/dist/config/ConfigurationSchema.js.map +1 -1
- package/dist/config/ServerConfiguration.d.ts +2 -2
- package/dist/config/ServerConfiguration.js +35 -35
- package/dist/config/ServerConfiguration.js.map +1 -1
- package/dist/docs/DocumentationGenerator.d.ts.map +1 -1
- package/dist/docs/DocumentationGenerator.js +296 -255
- package/dist/docs/DocumentationGenerator.js.map +1 -1
- package/dist/docs/MarkdownFormatter.d.ts +1 -1
- package/dist/docs/MarkdownFormatter.d.ts.map +1 -1
- package/dist/docs/MarkdownFormatter.js +60 -51
- package/dist/docs/MarkdownFormatter.js.map +1 -1
- package/dist/docs/index.d.ts +3 -3
- package/dist/docs/index.d.ts.map +1 -1
- package/dist/docs/index.js +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +16 -16
- package/dist/index.js.map +1 -1
- package/dist/mcp-wordpress-1.3.0.tgz +0 -0
- package/dist/performance/MetricsCollector.d.ts +3 -3
- package/dist/performance/MetricsCollector.d.ts.map +1 -1
- package/dist/performance/MetricsCollector.js +33 -27
- package/dist/performance/MetricsCollector.js.map +1 -1
- package/dist/performance/PerformanceAnalytics.d.ts +12 -12
- package/dist/performance/PerformanceAnalytics.d.ts.map +1 -1
- package/dist/performance/PerformanceAnalytics.js +200 -154
- package/dist/performance/PerformanceAnalytics.js.map +1 -1
- package/dist/performance/PerformanceMonitor.d.ts +5 -5
- package/dist/performance/PerformanceMonitor.d.ts.map +1 -1
- package/dist/performance/PerformanceMonitor.js +53 -52
- package/dist/performance/PerformanceMonitor.js.map +1 -1
- package/dist/performance/index.d.ts +6 -6
- package/dist/performance/index.d.ts.map +1 -1
- package/dist/performance/index.js +3 -3
- package/dist/security/InputValidator.d.ts +1 -1
- package/dist/security/InputValidator.d.ts.map +1 -1
- package/dist/security/InputValidator.js +111 -88
- package/dist/security/InputValidator.js.map +1 -1
- package/dist/security/SecurityConfig.d.ts +5 -5
- package/dist/security/SecurityConfig.js +92 -92
- package/dist/security/SecurityConfig.js.map +1 -1
- package/dist/server/ConnectionTester.d.ts +1 -1
- package/dist/server/ConnectionTester.d.ts.map +1 -1
- package/dist/server/ConnectionTester.js +4 -4
- package/dist/server/ConnectionTester.js.map +1 -1
- package/dist/server/ToolRegistry.d.ts +2 -2
- package/dist/server/ToolRegistry.d.ts.map +1 -1
- package/dist/server/ToolRegistry.js +35 -32
- package/dist/server/ToolRegistry.js.map +1 -1
- package/dist/server.d.ts +2 -2
- package/dist/server.js +2 -2
- package/dist/tools/BaseToolManager.js +5 -5
- package/dist/tools/auth.d.ts +2 -2
- package/dist/tools/auth.d.ts.map +1 -1
- package/dist/tools/auth.js +32 -31
- package/dist/tools/auth.js.map +1 -1
- package/dist/tools/cache.d.ts +1 -1
- package/dist/tools/cache.d.ts.map +1 -1
- package/dist/tools/cache.js +71 -71
- package/dist/tools/cache.js.map +1 -1
- package/dist/tools/comments.d.ts +2 -2
- package/dist/tools/comments.d.ts.map +1 -1
- package/dist/tools/comments.js +79 -79
- package/dist/tools/comments.js.map +1 -1
- package/dist/tools/index.d.ts +10 -10
- package/dist/tools/index.js +10 -10
- package/dist/tools/media.d.ts +2 -2
- package/dist/tools/media.js +80 -80
- package/dist/tools/pages.d.ts +2 -2
- package/dist/tools/pages.d.ts.map +1 -1
- package/dist/tools/pages.js +75 -75
- package/dist/tools/pages.js.map +1 -1
- package/dist/tools/performance.d.ts +1 -1
- package/dist/tools/performance.d.ts.map +1 -1
- package/dist/tools/performance.js +311 -287
- package/dist/tools/performance.js.map +1 -1
- package/dist/tools/posts.d.ts +2 -2
- package/dist/tools/posts.d.ts.map +1 -1
- package/dist/tools/posts.js +94 -94
- package/dist/tools/posts.js.map +1 -1
- package/dist/tools/site.d.ts +2 -2
- package/dist/tools/site.d.ts.map +1 -1
- package/dist/tools/site.js +60 -60
- package/dist/tools/site.js.map +1 -1
- package/dist/tools/taxonomies.d.ts +2 -2
- package/dist/tools/taxonomies.js +89 -89
- package/dist/tools/users.d.ts +2 -2
- package/dist/tools/users.js +68 -68
- package/dist/tools/users.js.map +1 -1
- package/dist/types/client.d.ts +13 -13
- package/dist/types/client.d.ts.map +1 -1
- package/dist/types/client.js +12 -12
- package/dist/types/client.js.map +1 -1
- package/dist/types/index.d.ts +19 -19
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +3 -3
- package/dist/types/mcp.d.ts +7 -7
- package/dist/types/wordpress.d.ts +21 -21
- package/dist/types/wordpress.d.ts.map +1 -1
- package/dist/utils/debug.d.ts +2 -2
- package/dist/utils/debug.js +28 -28
- package/dist/utils/error.d.ts.map +1 -1
- package/dist/utils/error.js +13 -13
- package/dist/utils/error.js.map +1 -1
- package/dist/utils/toolWrapper.d.ts.map +1 -1
- package/dist/utils/toolWrapper.js +5 -5
- package/dist/utils/toolWrapper.js.map +1 -1
- package/dist/utils/validation.d.ts.map +1 -1
- package/dist/utils/validation.js +41 -31
- package/dist/utils/validation.js.map +1 -1
- package/docs/CACHING.md +36 -2
- package/docs/DOCKER.md +24 -18
- package/docs/PERFORMANCE_MONITORING.md +49 -1
- package/docs/SECURITY_TESTING.md +30 -1
- package/docs/api/README.md +9 -1
- package/docs/api/summary.json +1 -1
- package/docs/contract-testing.md +24 -3
- package/docs/developer/GITHUB_ACTIONS_SETUP.md +8 -2
- package/docs/developer/MAINTENANCE.md +29 -3
- package/docs/developer/MIGRATION_GUIDE.md +13 -1
- package/docs/developer/NPM_AUTH_SETUP.md +13 -2
- package/docs/developer/REFACTORING.md +31 -1
- package/docs/releases/COMMUNITY_ANNOUNCEMENT_v1.1.2.md +18 -7
- package/docs/releases/RELEASE_NOTES_v1.1.2.md +31 -5
- package/docs/user-guides/DOCKER_SETUP.md +264 -0
- package/docs/user-guides/DTX_SETUP.md +327 -0
- package/docs/user-guides/NPM_SETUP.md +109 -0
- package/docs/user-guides/NPX_SETUP.md +281 -0
- package/docs/wordpress-rest-api-authentication-troubleshooting.md +13 -2
- package/package.json +27 -8
- package/src/cache/CacheInvalidation.ts +140 -132
- package/src/cache/CacheManager.ts +40 -29
- package/src/cache/HttpCacheWrapper.ts +105 -68
- package/src/cache/__tests__/CacheInvalidation.test.ts +123 -118
- package/src/cache/__tests__/CacheManager.test.ts +156 -152
- package/src/cache/__tests__/CachedWordPressClient.test.ts +131 -116
- package/src/cache/__tests__/HttpCacheWrapper.test.ts +118 -115
- package/src/cache/index.ts +13 -13
- package/src/client/CachedWordPressClient.ts +90 -80
- package/src/client/api.ts +205 -205
- package/src/client/auth.ts +80 -80
- package/src/client/managers/AuthenticationManager.ts +61 -61
- package/src/client/managers/BaseManager.ts +11 -11
- package/src/client/managers/RequestManager.ts +79 -47
- package/src/client/managers/index.ts +3 -3
- package/src/config/ConfigurationSchema.ts +44 -44
- package/src/config/ServerConfiguration.ts +39 -39
- package/src/docs/DocumentationGenerator.ts +402 -295
- package/src/docs/MarkdownFormatter.ts +94 -69
- package/src/docs/index.ts +4 -4
- package/src/index.ts +24 -21
- package/src/performance/MetricsCollector.ts +90 -58
- package/src/performance/PerformanceAnalytics.ts +386 -262
- package/src/performance/PerformanceMonitor.ts +152 -118
- package/src/performance/index.ts +9 -9
- package/src/security/InputValidator.ts +148 -91
- package/src/security/SecurityConfig.ts +94 -94
- package/src/server/ConnectionTester.ts +21 -15
- package/src/server/ToolRegistry.ts +64 -51
- package/src/server.ts +2 -2
- package/src/tools/BaseToolManager.ts +6 -6
- package/src/tools/auth.ts +42 -37
- package/src/tools/cache.ts +85 -81
- package/src/tools/comments.ts +93 -91
- package/src/tools/index.ts +10 -10
- package/src/tools/media.ts +89 -89
- package/src/tools/pages.ts +89 -87
- package/src/tools/performance.ts +443 -352
- package/src/tools/posts.ts +109 -107
- package/src/tools/site.ts +86 -77
- package/src/tools/taxonomies.ts +102 -102
- package/src/tools/users.ts +77 -77
- package/src/types/client.ts +157 -60
- package/src/types/index.ts +49 -27
- package/src/types/mcp.ts +15 -15
- package/src/types/wordpress.ts +57 -29
- package/src/utils/debug.ts +37 -37
- package/src/utils/error.ts +47 -25
- package/src/utils/toolWrapper.ts +12 -8
- package/src/utils/validation.ts +116 -65
- package/dist/client/WordPressClient.d.ts +0 -81
- package/dist/client/WordPressClient.d.ts.map +0 -1
- package/dist/client/WordPressClient.js +0 -354
- package/dist/client/WordPressClient.js.map +0 -1
- package/dist/performance/AnomalyDetector.d.ts +0 -63
- package/dist/performance/AnomalyDetector.d.ts.map +0 -1
- package/dist/performance/AnomalyDetector.js +0 -222
- package/dist/performance/AnomalyDetector.js.map +0 -1
- package/dist/performance/BenchmarkAnalyzer.d.ts +0 -67
- package/dist/performance/BenchmarkAnalyzer.d.ts.map +0 -1
- package/dist/performance/BenchmarkAnalyzer.js +0 -301
- package/dist/performance/BenchmarkAnalyzer.js.map +0 -1
- package/dist/performance/TrendAnalyzer.d.ts +0 -69
- package/dist/performance/TrendAnalyzer.d.ts.map +0 -1
- package/dist/performance/TrendAnalyzer.js +0 -203
- package/dist/performance/TrendAnalyzer.js.map +0 -1
- package/dist/tools/BaseToolClass.d.ts +0 -76
- package/dist/tools/BaseToolClass.d.ts.map +0 -1
- package/dist/tools/BaseToolClass.js +0 -104
- package/dist/tools/BaseToolClass.js.map +0 -1
- package/dist/tools/base.d.ts +0 -37
- package/dist/tools/base.d.ts.map +0 -1
- package/dist/tools/base.js +0 -60
- package/dist/tools/base.js.map +0 -1
- package/docs/user-guides/CLAUDE_DESKTOP_SETUP.md +0 -187
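--- a/package/dist/security/InputValidator.js
+++ b/package/dist/security/InputValidator.js
@@ -2,7 +2,7 @@
 * Comprehensive Input Validation and Sanitization System
 * Provides security-focused validation for all MCP tool inputs
 */
-import { z } from
+import { z } from "zod";
 // Common validation patterns
 const URL_PATTERN = /^https?:\/\/[^\s<>'"{}|\\^`\[\]]+$/;
 const EMAIL_PATTERN = /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/;
@@ -14,70 +14,80 @@ const SQL_INJECTION_PATTERN = /('|(\\')|(;)|(\\x00)|(\\n)|(\\r)|(\\x1a)|(\\x22)|
 */
 export const SecuritySchemas = {
 // Safe string with XSS protection
-safeString: z
-.
-.
-.refine(val => !
-.refine(val => !val.includes(
-.refine(val => !val.includes(
-.refine(val => !val.includes(
-.refine(val => !val.includes(
+safeString: z
+.string()
+.max(10000, "String too long")
+.refine((val) => !SCRIPT_PATTERN.test(val), "Script tags not allowed")
+.refine((val) => !val.includes("javascript:"), "JavaScript URLs not allowed")
+.refine((val) => !val.includes("data:"), "Data URLs not allowed")
+.refine((val) => !val.includes("onerror="), "Event handlers not allowed")
+.refine((val) => !val.includes("onload="), "Event handlers not allowed")
+.refine((val) => !val.includes("onfocus="), "Event handlers not allowed"),
 // HTML content with basic sanitization
-htmlContent: z
-.
-.
-.refine(val => !
-.refine(val => !val.includes(
+htmlContent: z
+.string()
+.max(100000, "Content too long")
+.refine((val) => !SCRIPT_PATTERN.test(val), "Script tags not allowed")
+.refine((val) => !val.includes("javascript:"), "JavaScript URLs not allowed")
+.refine((val) => !val.includes("on[a-z]+="), "Event handlers not allowed"),
 // URL validation
-url: z
-.
-.
-.
-.refine(val => !val.includes(
+url: z
+.string()
+.url("Invalid URL format")
+.regex(URL_PATTERN, "URL contains invalid characters")
+.refine((val) => !val.includes("javascript:"), "JavaScript URLs not allowed")
+.refine((val) => !val.includes("data:"), "Data URLs not allowed"),
 // Email validation
-email: z
-.
-.
-.
+email: z
+.string()
+.email("Invalid email format")
+.regex(EMAIL_PATTERN, "Email contains invalid characters")
+.max(254, "Email too long"),
 // Slug validation (for URLs, usernames, etc.)
-slug: z
-.
-.
-.
+slug: z
+.string()
+.min(1, "Slug cannot be empty")
+.max(100, "Slug too long")
+.regex(SLUG_PATTERN, "Slug can only contain lowercase letters, numbers, and hyphens"),
 // WordPress post/page content
-wpContent: z
-.
-.
-.refine(val => !
+wpContent: z
+.string()
+.max(1000000, "Content too long")
+.refine((val) => !SCRIPT_PATTERN.test(val), "Script tags not allowed in content")
+.refine((val) => !val.includes("javascript:"), "JavaScript URLs not allowed"),
 // Site ID validation
-siteId: z
-.
-.
-.
+siteId: z
+.string()
+.min(1, "Site ID cannot be empty")
+.max(50, "Site ID too long")
+.regex(/^[a-zA-Z0-9\-_]+$/, "Site ID can only contain letters, numbers, hyphens, and underscores"),
 // WordPress ID (numeric)
-wpId: z
-.
-.
-.
+wpId: z
+.number()
+.int("ID must be an integer")
+.positive("ID must be positive")
+.max(999999999, "ID too large"),
 // Search query with SQL injection protection
-searchQuery: z
-.
-.
-.refine(val => !
-.refine(val => !val.includes(
+searchQuery: z
+.string()
+.max(500, "Search query too long")
+.refine((val) => !SQL_INJECTION_PATTERN.test(val), "Invalid characters in search query")
+.refine((val) => !val.includes("--"), "SQL comments not allowed")
+.refine((val) => !val.includes("/*"), "SQL comments not allowed"),
 // File path validation
-filePath: z
-.
-.
-.refine(val => !val.includes(
-.refine(val => !val.includes(
+filePath: z
+.string()
+.max(500, "File path too long")
+.refine((val) => !val.includes(".."), "Path traversal not allowed")
+.refine((val) => !val.includes("<"), "Invalid characters in path")
+.refine((val) => !val.includes(">"), "Invalid characters in path"),
 // Password (for display/logging - never log actual passwords)
-passwordMask: z.string()
-.transform(() => '[REDACTED]'),
+passwordMask: z.string().transform(() => "[REDACTED]"),
 // WordPress application password format
-appPassword: z
-.
-.
+appPassword: z
+.string()
+.regex(/^[a-zA-Z0-9\s]{24}$/, "Invalid application password format")
+.transform((val) => val.replace(/\s/g, " ")), // Normalize spaces
 };
 /**
 * Input sanitization functions
@@ -88,23 +98,23 @@ export class InputSanitizer {
 */
 static sanitizeHtml(input) {
 return input
-.replace(SCRIPT_PATTERN,
-.replace(/javascript:/gi,
-.replace(/data:/gi,
-.replace(/on[a-z]+\s*=/gi,
-.replace(/<iframe[^>]*>/gi,
-.replace(/<object[^>]*>/gi,
-.replace(/<embed[^>]*>/gi,
+.replace(SCRIPT_PATTERN, "") // Remove script tags
+.replace(/javascript:/gi, "") // Remove javascript: URLs
+.replace(/data:/gi, "") // Remove data: URLs
+.replace(/on[a-z]+\s*=/gi, "") // Remove event handlers
+.replace(/<iframe[^>]*>/gi, "") // Remove iframes
+.replace(/<object[^>]*>/gi, "") // Remove objects
+.replace(/<embed[^>]*>/gi, ""); // Remove embeds
 }
 /**
 * Sanitize search queries to prevent SQL injection
 */
 static sanitizeSearchQuery(query) {
 return query
-.replace(/['"\\;]/g,
-.replace(/--/g,
-.replace(/\/\*/g,
-.replace(/\*/g,
+.replace(/['"\\;]/g, "") // Remove quotes and backslashes
+.replace(/--/g, "") // Remove SQL comments
+.replace(/\/\*/g, "") // Remove SQL comments
+.replace(/\*/g, "") // Remove wildcards
 .trim()
 .substring(0, 500); // Limit length
 }
@@ -113,9 +123,9 @@ export class InputSanitizer {
 */
 static sanitizeFilePath(path) {
 return path
-.replace(/\.\./g,
-.replace(/[<>]/g,
-.replace(/[|&;$`\\]/g,
+.replace(/\.\./g, "") // Remove directory traversal
+.replace(/[<>]/g, "") // Remove angle brackets
+.replace(/[|&;$`\\]/g, "") // Remove shell metacharacters
 .trim();
 }
 /**
@@ -123,11 +133,11 @@ export class InputSanitizer {
 */
 static encodeOutput(input) {
 return input
-.replace(/&/g,
-.replace(/</g,
-.replace(/>/g,
-.replace(/"/g,
-.replace(/'/g,
+.replace(/&/g, "&")
+.replace(/</g, "<")
+.replace(/>/g, ">")
+.replace(/"/g, """)
+.replace(/'/g, "'");
 }
 }
 /**
@@ -145,7 +155,7 @@ export function validateSecurity(schema) {
 console.log(`Security validation passed for ${propertyName}`, {
 timestamp: new Date().toISOString(),
 method: propertyName,
-paramCount: Object.keys(validatedParams).length
+paramCount: Object.keys(validatedParams).length,
 });
 // Call original method with validated params
 return await method.call(this, validatedParams, ...args.slice(1));
@@ -155,9 +165,19 @@ export function validateSecurity(schema) {
 console.error(`Security validation failed for ${propertyName}`, {
 timestamp: new Date().toISOString(),
 method: propertyName,
-error: error instanceof z.ZodError
+error: error instanceof z.ZodError
+? error.errors
+: error instanceof Error
+? error.message
+: String(error),
 });
-throw new SecurityValidationError(`Security validation failed for ${propertyName}`, error instanceof z.ZodError
+throw new SecurityValidationError(`Security validation failed for ${propertyName}`, error instanceof z.ZodError
+? error.errors
+: [
+{
+message: error instanceof Error ? error.message : String(error),
+},
+]);
 }
 };
 return descriptor;
@@ -170,7 +190,7 @@ export class SecurityValidationError extends Error {
 errors;
 constructor(message, errors = []) {
 super(message);
-this.name =
+this.name = "SecurityValidationError";
 this.errors = errors;
 }
 }
@@ -184,10 +204,10 @@ export const ToolSchemas = {
 title: SecuritySchemas.safeString.optional(),
 content: SecuritySchemas.wpContent.optional(),
 excerpt: SecuritySchemas.safeString.optional(),
-status: z.enum([
+status: z.enum(["publish", "draft", "private", "pending"]).optional(),
 slug: SecuritySchemas.slug.optional(),
 categories: z.array(SecuritySchemas.wpId).optional(),
-tags: z.array(SecuritySchemas.wpId).optional()
+tags: z.array(SecuritySchemas.wpId).optional(),
 }),
 // User creation/update
 userData: z.object({
@@ -197,14 +217,14 @@ export const ToolSchemas = {
 password: SecuritySchemas.safeString.optional(),
 roles: z.array(z.string()).optional(),
 firstName: SecuritySchemas.safeString.optional(),
-lastName: SecuritySchemas.safeString.optional()
+lastName: SecuritySchemas.safeString.optional(),
 }),
 // Search parameters
 searchParams: z.object({
 site: SecuritySchemas.siteId.optional(),
 query: SecuritySchemas.searchQuery,
-type: z.enum([
-limit: z.number().int().min(1).max(100).optional()
+type: z.enum(["post", "page", "any"]).optional(),
+limit: z.number().int().min(1).max(100).optional(),
 }),
 // Media upload
 mediaUpload: z.object({
@@ -212,7 +232,7 @@ export const ToolSchemas = {
 filename: SecuritySchemas.filePath,
 title: SecuritySchemas.safeString.optional(),
 caption: SecuritySchemas.safeString.optional(),
-description: SecuritySchemas.safeString.optional()
+description: SecuritySchemas.safeString.optional(),
 }),
 // Site settings
 siteSettings: z.object({
@@ -220,7 +240,7 @@ export const ToolSchemas = {
 title: SecuritySchemas.safeString.optional(),
 description: SecuritySchemas.safeString.optional(),
 url: SecuritySchemas.url.optional(),
-adminEmail: SecuritySchemas.email.optional()
+adminEmail: SecuritySchemas.email.optional(),
 }),
 // Generic list parameters
 listParams: z.object({
@@ -229,13 +249,13 @@ export const ToolSchemas = {
 perPage: z.number().int().min(1).max(100).optional(),
 search: SecuritySchemas.searchQuery.optional(),
 orderBy: z.string().max(50).optional(),
-order: z.enum([
+order: z.enum(["asc", "desc"]).optional(),
 }),
 // ID-based operations
 idParams: z.object({
 site: SecuritySchemas.siteId.optional(),
-id: SecuritySchemas.wpId
-})
+id: SecuritySchemas.wpId,
+}),
 };
 /**
 * Rate limiting and DoS protection
@@ -252,7 +272,10 @@ export class SecurityLimiter {
 const key = identifier;
 const current = this.requestCounts.get(key);
 if (!current || now > current.resetTime) {
-this.requestCounts.set(key, {
+this.requestCounts.set(key, {
+count: 1,
+resetTime: now + this.WINDOW_MS,
+});
 return true;
 }
 if (current.count >= this.RATE_LIMIT) {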
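Review bot: In the `htmlContent` schema of the `@@ -14,70 +14,80 @@` hunk, `val.includes("on[a-z]+=")` hands a regular-expression source to `String.prototype.includes`, which compares it as a literal substring, so this refine only rejects the exact text `on[a-z]+=` and never flags an inline event-handler attribute. Test with a real pattern instead, `.refine((val) => !/on[a-z]+\s*=/i.test(val), "Event handlers not allowed")`, which is the expression `sanitizeHtml` already uses further down. The neighbouring `includes("javascript:")` and `includes("data:")` refinements are case-sensitive while the sanitizer's replacements use `/gi`, so validator and sanitizer disagree on mixed-case input; a case-insensitive test would align them. Deny-list substring checks are a weak control for HTML in any case, so if these values are ever rendered, an allow-list HTML sanitizer or output encoding at the render point should be the actual boundary.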
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"InputValidator.js","sourceRoot":"","sources":["../../src/security/InputValidator.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,6BAA6B;AAC7B,MAAM,WAAW,GAAG,oCAAoC,CAAC;AACzD,MAAM,aAAa,GAAG,kDAAkD,CAAC;AACzE,MAAM,YAAY,GAAG,cAAc,CAAC;AACpC,MAAM,cAAc,GAAG,qDAAqD,CAAC;AAC7E,MAAM,qBAAqB,GAAG,4EAA4E,CAAC;AAE3G;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG;IAC7B,kCAAkC;IAClC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;SACnB,GAAG,CAAC,KAAK,EAAE,iBAAiB,CAAC;SAC7B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,yBAAyB,CAAC;SACnE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,6BAA6B,CAAC;SAC1E,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,uBAAuB,CAAC;SAC9D,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,4BAA4B,CAAC;SACtE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,4BAA4B,CAAC;SACrE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,4BAA4B,CAAC;IAEzE,uCAAuC;IACvC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;SACpB,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC;SAC/B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,yBAAyB,CAAC;SACnE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,6BAA6B,CAAC;SAC1E,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,4BAA4B,CAAC;IAE1E,iBAAiB;IACjB,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;SACZ,GAAG,CAAC,oBAAoB,CAAC;SACzB,KAAK,CAAC,WAAW,EAAE,iCAAiC,CAAC;SACrD,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,6BAA6B,CAAC;SAC1E,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,uBAAuB,CAAC;IAEjE,mBAAmB;IACnB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;SACd,KAAK,CAAC,sBAAsB,CAAC;SAC7B,KAAK,CAAC,aAAa,EAAE,mCAAmC,CAAC;SACzD,GAAG,CAAC,GAAG,EAAE,gBAAgB,CAAC;IAE7B,8CAA8C;IAC9C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;SACb,GAAG,CAAC,CAAC,EAAE,sBAAsB,CAAC;SAC9B,GAAG,CAAC,GAAG,EAAE,eAAe,CAAC;SACzB,KAAK,CAAC,YAAY,EAAE,+DAA+D,CAAC;IAEvF,8BAA8B;IAC9B,SAAS,EAAE,C
AAC,CAAC,MAAM,EAAE;SAClB,GAAG,CAAC,OAAO,EAAE,kBAAkB,CAAC;SAChC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,oCAAoC,CAAC;SAC9E,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,6BAA6B,CAAC;IAE7E,qBAAqB;IACrB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;SACf,GAAG,CAAC,CAAC,EAAE,yBAAyB,CAAC;SACjC,GAAG,CAAC,EAAE,EAAE,kBAAkB,CAAC;SAC3B,KAAK,CAAC,mBAAmB,EAAE,qEAAqE,CAAC;IAEpG,yBAAyB;IACzB,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;SACb,GAAG,CAAC,uBAAuB,CAAC;SAC5B,QAAQ,CAAC,qBAAqB,CAAC;SAC/B,GAAG,CAAC,SAAS,EAAE,cAAc,CAAC;IAEjC,6CAA6C;IAC7C,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;SACpB,GAAG,CAAC,GAAG,EAAE,uBAAuB,CAAC;SACjC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,oCAAoC,CAAC;SACrF,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,0BAA0B,CAAC;SAC9D,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,0BAA0B,CAAC;IAEjE,uBAAuB;IACvB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;SACjB,GAAG,CAAC,GAAG,EAAE,oBAAoB,CAAC;SAC9B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,4BAA4B,CAAC;SAChE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,4BAA4B,CAAC;SAC/D,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,4BAA4B,CAAC;IAElE,8DAA8D;IAC9D,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;SACrB,SAAS,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC;IAEhC,wCAAwC;IACxC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;SACpB,KAAK,CAAC,qBAAqB,EAAE,qCAAqC,CAAC;SACnE,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,mBAAmB;CACjE,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,cAAc;IACzB;;OAEG;IACH,MAAM,CAAC,YAAY,CAAC,KAAa;QAC/B,OAAO,KAAK;aACT,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,qBAAqB;aACjD,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC,0BAA0B;aACvD,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,oBAAoB;aAC3C,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC,wBAAwB;aACtD,OAAO,CAAC,iBAAiB,EAAE,EAAE,CAAC,CAAC,iBAAiB;aAChD,OAAO,CAAC,iBAAiB,EAAE,EAAE,CAAC,CAAC,iBAAiB;aAChD,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB;IACpD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,mB
AAmB,CAAC,KAAa;QACtC,OAAO,KAAK;aACT,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,gCAAgC;aACxD,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,sBAAsB;aACzC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,sBAAsB;aAC3C,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,mBAAmB;aACtC,IAAI,EAAE;aACN,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,eAAe;IACvC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,gBAAgB,CAAC,IAAY;QAClC,OAAO,IAAI;aACR,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,6BAA6B;aAClD,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,wBAAwB;aAC7C,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC,8BAA8B;aACxD,IAAI,EAAE,CAAC;IACZ,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,YAAY,CAAC,KAAa;QAC/B,OAAO,KAAK;aACT,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC;aACtB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;aACrB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;aACrB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC;aACvB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC7B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAmB;IAClD,OAAO,UAAU,MAAW,EAAE,YAAoB,EAAE,UAA8B;QAChF,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC;QAEhC,UAAU,CAAC,KAAK,GAAG,KAAK,WAAW,GAAG,IAAW;YAC/C,IAAI,CAAC;gBACH,4BAA4B;gBAC5B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC7B,MAAM,eAAe,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBAE7C,mDAAmD;gBACnD,OAAO,CAAC,GAAG,CAAC,kCAAkC,YAAY,EAAE,EAAE;oBAC5D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,MAAM,EAAE,YAAY;oBACpB,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,MAAM;iBAChD,CAAC,CAAC;gBAEH,6CAA6C;gBAC7C,OAAO,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,eAAe,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YACpE,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,kCAAkC;gBAClC,OAAO,CAAC,KAAK,CAAC,kCAAkC,YAAY,EAAE,EAAE;oBAC9D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,MAAM,EAAE,YAAY;oBACpB,KAAK,EAAE,KAAK,YAAY,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;iBAC7G,CAAC,CAAC;gBAEH,MAAM,IAAI,uBAAuB,CAC/B,kCAAkC,YAAY,EAAE,EAChD,KAAK,YAAY,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,
KAAK,CAAC,EAAE,CAAC,CACnH,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;QAEF,OAAO,UAAU,CAAC;IACpB,CAAC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,uBAAwB,SAAQ,KAAK;IAChC,MAAM,CAAQ;IAE9B,YAAY,OAAe,EAAE,SAAgB,EAAE;QAC7C,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAC;QACtC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,uBAAuB;IACvB,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC;QACjB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,KAAK,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAC5C,OAAO,EAAE,eAAe,CAAC,SAAS,CAAC,QAAQ,EAAE;QAC7C,OAAO,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAC9C,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;QACrE,IAAI,EAAE,eAAe,CAAC,IAAI,CAAC,QAAQ,EAAE;QACrC,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;QACpD,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;KAC/C,CAAC;IAEF,uBAAuB;IACvB,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC;QACjB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,QAAQ,EAAE,eAAe,CAAC,IAAI;QAC9B,KAAK,EAAE,eAAe,CAAC,KAAK;QAC5B,QAAQ,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAC/C,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QACrC,SAAS,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAChD,QAAQ,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;KAChD,CAAC;IAEF,oBAAoB;IACpB,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC;QACrB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,KAAK,EAAE,eAAe,CAAC,WAAW;QAClC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE;QAChD,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;KACnD,CAAC;IAEF,eAAe;IACf,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC;QACpB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,QAAQ,EAAE,eAAe,CAAC,QAAQ;QAClC,KAAK,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAC5C,OAAO,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAC9C,WAAW,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;KACnD,CAAC;IAEF,gBAAgB;IAChB,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC;QACrB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,KAAK,EAAE,eAAe,CAA
C,UAAU,CAAC,QAAQ,EAAE;QAC5C,WAAW,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAClD,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,QAAQ,EAAE;QACnC,UAAU,EAAE,eAAe,CAAC,KAAK,CAAC,QAAQ,EAAE;KAC7C,CAAC;IAEF,0BAA0B;IAC1B,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC;QACnB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;QAClD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;QACpD,MAAM,EAAE,eAAe,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE;QACtC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE;KAC1C,CAAC;IAEF,sBAAsB;IACtB,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC;QACjB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,EAAE,EAAE,eAAe,CAAC,IAAI;KACzB,CAAC;CACH,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,eAAe;IAClB,MAAM,CAAC,aAAa,GAAG,IAAI,GAAG,EAAgD,CAAC;IAC/E,MAAM,CAAU,UAAU,GAAG,IAAI,CAAC,CAAC,sBAAsB;IACzD,MAAM,CAAU,SAAS,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW;IAE1D;;OAEG;IACH,MAAM,CAAC,cAAc,CAAC,UAAkB;QACtC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,UAAU,CAAC;QACvB,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5C,IAAI,CAAC,OAAO,IAAI,GAAG,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;YACxC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,SAAS,EAAE,GAAG,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;YAC3E,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,OAAO,CAAC,KAAK,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACrC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,CAAC,KAAK,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,OAAO;QACZ,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,EAAE,CAAC;YACvD,IAAI,GAAG,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;gBACzB,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;IACH,CAAC;;AAGH,yBAAyB;AACzB,WAAW,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,OAAO,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,wBAAwB"}
|
|
1
|
+
{"version":3,"file":"InputValidator.js","sourceRoot":"","sources":["../../src/security/InputValidator.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,6BAA6B;AAC7B,MAAM,WAAW,GAAG,oCAAoC,CAAC;AACzD,MAAM,aAAa,GAAG,kDAAkD,CAAC;AACzE,MAAM,YAAY,GAAG,cAAc,CAAC;AACpC,MAAM,cAAc,GAAG,qDAAqD,CAAC;AAC7E,MAAM,qBAAqB,GACzB,4EAA4E,CAAC;AAE/E;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG;IAC7B,kCAAkC;IAClC,UAAU,EAAE,CAAC;SACV,MAAM,EAAE;SACR,GAAG,CAAC,KAAK,EAAE,iBAAiB,CAAC;SAC7B,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,yBAAyB,CAAC;SACrE,MAAM,CACL,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EACrC,6BAA6B,CAC9B;SACA,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,uBAAuB,CAAC;SAChE,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,4BAA4B,CAAC;SACxE,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,4BAA4B,CAAC;SACvE,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,4BAA4B,CAAC;IAE3E,uCAAuC;IACvC,WAAW,EAAE,CAAC;SACX,MAAM,EAAE;SACR,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC;SAC/B,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,yBAAyB,CAAC;SACrE,MAAM,CACL,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EACrC,6BAA6B,CAC9B;SACA,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,4BAA4B,CAAC;IAE5E,iBAAiB;IACjB,GAAG,EAAE,CAAC;SACH,MAAM,EAAE;SACR,GAAG,CAAC,oBAAoB,CAAC;SACzB,KAAK,CAAC,WAAW,EAAE,iCAAiC,CAAC;SACrD,MAAM,CACL,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EACrC,6BAA6B,CAC9B;SACA,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,uBAAuB,CAAC;IAEnE,mBAAmB;IACnB,KAAK,EAAE,CAAC;SACL,MAAM,EAAE;SACR,KAAK,CAAC,sBAAsB,CAAC;SAC7B,KAAK,CAAC,aAAa,EAAE,mCAAmC,CAAC;SACzD,GAAG,CAAC,GAAG,EAAE,gBAAgB,CAAC;IAE7B,8CAA8C;IAC9C,IAAI,EAAE,CAAC;SACJ,MAAM,EAAE;SACR,GAAG,CAAC,CAAC,EAAE,sBAAsB,CAAC;SAC9B,GAAG,CAAC,GAAG,EAAE,eAAe,CAAC;SACzB,KAAK,
CACJ,YAAY,EACZ,+DAA+D,CAChE;IAEH,8BAA8B;IAC9B,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,GAAG,CAAC,OAAO,EAAE,kBAAkB,CAAC;SAChC,MAAM,CACL,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAClC,oCAAoC,CACrC;SACA,MAAM,CACL,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EACrC,6BAA6B,CAC9B;IAEH,qBAAqB;IACrB,MAAM,EAAE,CAAC;SACN,MAAM,EAAE;SACR,GAAG,CAAC,CAAC,EAAE,yBAAyB,CAAC;SACjC,GAAG,CAAC,EAAE,EAAE,kBAAkB,CAAC;SAC3B,KAAK,CACJ,mBAAmB,EACnB,qEAAqE,CACtE;IAEH,yBAAyB;IACzB,IAAI,EAAE,CAAC;SACJ,MAAM,EAAE;SACR,GAAG,CAAC,uBAAuB,CAAC;SAC5B,QAAQ,CAAC,qBAAqB,CAAC;SAC/B,GAAG,CAAC,SAAS,EAAE,cAAc,CAAC;IAEjC,6CAA6C;IAC7C,WAAW,EAAE,CAAC;SACX,MAAM,EAAE;SACR,GAAG,CAAC,GAAG,EAAE,uBAAuB,CAAC;SACjC,MAAM,CACL,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,EACzC,oCAAoC,CACrC;SACA,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,0BAA0B,CAAC;SAChE,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,0BAA0B,CAAC;IAEnE,uBAAuB;IACvB,QAAQ,EAAE,CAAC;SACR,MAAM,EAAE;SACR,GAAG,CAAC,GAAG,EAAE,oBAAoB,CAAC;SAC9B,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,4BAA4B,CAAC;SAClE,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,4BAA4B,CAAC;SACjE,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,4BAA4B,CAAC;IAEpE,8DAA8D;IAC9D,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC;IAEtD,wCAAwC;IACxC,WAAW,EAAE,CAAC;SACX,MAAM,EAAE;SACR,KAAK,CAAC,qBAAqB,EAAE,qCAAqC,CAAC;SACnE,SAAS,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,EAAE,mBAAmB;CACpE,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,cAAc;IACzB;;OAEG;IACH,MAAM,CAAC,YAAY,CAAC,KAAa;QAC/B,OAAO,KAAK;aACT,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,qBAAqB;aACjD,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC,0BAA0B;aACvD,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,oBAAoB;aAC3C,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC,wBAAwB;aACtD,OAAO,CAAC,iBAAiB,EAAE,EAAE,CAAC,CAAC,iBAAiB;aAChD,OAAO,CAAC,iBAAiB,EAAE,EAAE,CAAC,CAAC,
iBAAiB;aAChD,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB;IACpD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,mBAAmB,CAAC,KAAa;QACtC,OAAO,KAAK;aACT,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,gCAAgC;aACxD,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,sBAAsB;aACzC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,sBAAsB;aAC3C,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,mBAAmB;aACtC,IAAI,EAAE;aACN,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,eAAe;IACvC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,gBAAgB,CAAC,IAAY;QAClC,OAAO,IAAI;aACR,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,6BAA6B;aAClD,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,wBAAwB;aAC7C,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC,8BAA8B;aACxD,IAAI,EAAE,CAAC;IACZ,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,YAAY,CAAC,KAAa;QAC/B,OAAO,KAAK;aACT,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC;aACtB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;aACrB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;aACrB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC;aACvB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC7B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAmB;IAClD,OAAO,UACL,MAAW,EACX,YAAoB,EACpB,UAA8B;QAE9B,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC;QAEhC,UAAU,CAAC,KAAK,GAAG,KAAK,WAAW,GAAG,IAAW;YAC/C,IAAI,CAAC;gBACH,4BAA4B;gBAC5B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC7B,MAAM,eAAe,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBAE7C,mDAAmD;gBACnD,OAAO,CAAC,GAAG,CAAC,kCAAkC,YAAY,EAAE,EAAE;oBAC5D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,MAAM,EAAE,YAAY;oBACpB,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,MAAM;iBAChD,CAAC,CAAC;gBAEH,6CAA6C;gBAC7C,OAAO,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,eAAe,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YACpE,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,kCAAkC;gBAClC,OAAO,CAAC,KAAK,CAAC,kCAAkC,YAAY,EAAE,EAAE;oBAC9D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,MAAM,EAAE,YAAY;oBACpB,KAAK,EACH,KAAK,YAAY,CAAC,CAAC,QAAQ;wBACzB,CAAC,CAAC,KAAK,CAAC,MAAM;wBACd,CAAC,CAAC,KAAK,YAAY,KAAK;4BACtB,CAAC,CAAC,KAAK,CAAC,OAAO;4BACf,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;iBACtB,CAAC,CAAC;gBAEH,MAAM,IAAI,uBAAuB,CAC/B,kCAAkC,YAAY,EAAE,EAChD,KAAK,YAAY,CAAC,CAAC,QAAQ;oBACzB,CAAC,CAAC,KAAK,CAAC,MAAM;oBACd
,CAAC,CAAC;wBACA;4BACE,OAAO,EACH,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;yBAC3D;qBACF,CACJ,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;QAEF,OAAO,UAAU,CAAC;IACpB,CAAC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,uBAAwB,SAAQ,KAAK;IAChC,MAAM,CAAQ;IAE9B,YAAY,OAAe,EAAE,SAAgB,EAAE;QAC7C,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAC;QACtC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,uBAAuB;IACvB,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC;QACjB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,KAAK,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAC5C,OAAO,EAAE,eAAe,CAAC,SAAS,CAAC,QAAQ,EAAE;QAC7C,OAAO,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAC9C,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;QACrE,IAAI,EAAE,eAAe,CAAC,IAAI,CAAC,QAAQ,EAAE;QACrC,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;QACpD,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;KAC/C,CAAC;IAEF,uBAAuB;IACvB,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC;QACjB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,QAAQ,EAAE,eAAe,CAAC,IAAI;QAC9B,KAAK,EAAE,eAAe,CAAC,KAAK;QAC5B,QAAQ,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAC/C,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QACrC,SAAS,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAChD,QAAQ,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;KAChD,CAAC;IAEF,oBAAoB;IACpB,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC;QACrB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,KAAK,EAAE,eAAe,CAAC,WAAW;QAClC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE;QAChD,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;KACnD,CAAC;IAEF,eAAe;IACf,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC;QACpB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,QAAQ,EAAE,eAAe,CAAC,QAAQ;QAClC,KAAK,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAC5C,OAAO,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAC9C,WAAW,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;KACnD,CAAC;IAEF,gBAAgB;I
AChB,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC;QACrB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,KAAK,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAC5C,WAAW,EAAE,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE;QAClD,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,QAAQ,EAAE;QACnC,UAAU,EAAE,eAAe,CAAC,KAAK,CAAC,QAAQ,EAAE;KAC7C,CAAC;IAEF,0BAA0B;IAC1B,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC;QACnB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;QAClD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;QACpD,MAAM,EAAE,eAAe,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE;QACtC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE;KAC1C,CAAC;IAEF,sBAAsB;IACtB,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC;QACjB,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,EAAE,EAAE,eAAe,CAAC,IAAI;KACzB,CAAC;CACH,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,eAAe;IAClB,MAAM,CAAC,aAAa,GAAG,IAAI,GAAG,EAGnC,CAAC;IACI,MAAM,CAAU,UAAU,GAAG,IAAI,CAAC,CAAC,sBAAsB;IACzD,MAAM,CAAU,SAAS,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW;IAE1D;;OAEG;IACH,MAAM,CAAC,cAAc,CAAC,UAAkB;QACtC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,UAAU,CAAC;QACvB,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5C,IAAI,CAAC,OAAO,IAAI,GAAG,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;YACxC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,EAAE;gBAC1B,KAAK,EAAE,CAAC;gBACR,SAAS,EAAE,GAAG,GAAG,IAAI,CAAC,SAAS;aAChC,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,OAAO,CAAC,KAAK,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACrC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,CAAC,KAAK,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,OAAO;QACZ,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,EAAE,CAAC;YACvD,IAAI,GAAG,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;gBACzB,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;IACH,CAAC;;AAGH,yBAAyB;AACz
B,WAAW,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,OAAO,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,wBAAwB"}
|
|
@@ -38,11 +38,11 @@ export declare const SecurityConfig: {
|
|
|
38
38
|
auth: number;
|
|
39
39
|
};
|
|
40
40
|
headers: {
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
41
|
+
"X-Content-Type-Options": string;
|
|
42
|
+
"X-Frame-Options": string;
|
|
43
|
+
"X-XSS-Protection": string;
|
|
44
|
+
"Strict-Transport-Security": string;
|
|
45
|
+
"Content-Security-Policy": string;
|
|
46
46
|
};
|
|
47
47
|
errorMessages: {
|
|
48
48
|
authentication: string;
|