|
Server IP : 92.205.26.207 / Your IP : 216.73.216.16 Web Server : Apache System : Linux 207.26.205.92.host.secureserver.net 4.18.0-553.60.1.el8_10.x86_64 #1 SMP Thu Jul 10 04:01:16 EDT 2025 x86_64 User : zikryat ( 1002) PHP Version : 8.3.23 Disable Function : exec,passthru,shell_exec,system MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0755) : /home/zikryat/public_html/node_modules/class-sanitizer/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.Sanitizer = void 0;
const default_storage_const_1 = require("./default-storage.const");
const validator_1 = __importDefault(require("validator"));
/**
* Sanitizer performs sanitation of the given object based on its metadata.
*/
class Sanitizer {
constructor() {
this.metadataStorage = default_storage_const_1.defaultMetadataStorage;
}
/**
* Remove characters that appear in the blacklist. The characters are used in a RegExp and so you will need to
* escape some chars, e.g @Blacklist('\\[\\]')
*/
static blacklist(str, chars) {
return validator_1.default.blacklist(str, chars);
}
/**
* Replace <, >, &, ', " and / with HTML entities.
*/
static escape(str) {
return validator_1.default.escape(str);
}
/**
* Trim characters from the left-side of the input.
*/
static ltrim(str, chars) {
return validator_1.default.ltrim(str, chars);
}
/**
* Canonicalize an email address.
*/
static normalizeEmail(str, lowercase) {
return validator_1.default.normalizeEmail(str, { all_lowercase: lowercase });
}
/**
* Trim characters from the right-side of the input.
*/
static rtrim(str, chars) {
return validator_1.default.rtrim(str, chars);
}
/**
* Remove characters with a numerical value < 32 and 127, mostly control characters.
* If keepNewLines is true, newline characters are preserved (\n and \r, hex 0xA and 0xD).
* Unicode-safe in JavaScript.
*/
static stripLow(str, keepNewLines) {
return validator_1.default.stripLow(str, keepNewLines);
}
/**
* Convert the input to a boolean.
* Everything except for '0', 'false' and '' returns true. In strict mode only '1' and 'true' return true.
*/
static toBoolean(input, isStrict) {
if (typeof input === 'string') {
return validator_1.default.toBoolean(input, isStrict);
}
return !!input;
}
/**
* Convert the input to a date, or null if the input is not a date.
*/
static toDate(input) {
if (input instanceof Date) {
return input;
}
return validator_1.default.toDate(input.toString());
}
/**
* Convert the input to a float.
*/
static toFloat(input) {
// eslint-disable-next-line @typescript-eslint/restrict-plus-operands
return validator_1.default.toFloat('' + input);
}
/**
* Convert the input to an integer, or NaN if the input is not an integer.
*/
static toInt(input, radix) {
// eslint-disable-next-line @typescript-eslint/restrict-plus-operands
return validator_1.default.toInt('' + input, radix);
}
/**
* Convert the input to a string.
*/
static toString(input) {
// eslint-disable-next-line @typescript-eslint/restrict-plus-operands
return '' + input;
}
/**
* Trim characters (whitespace by default) from both sides of the input. You can specify chars that should be trimmed.
*/
static trim(str, chars) {
return validator_1.default.trim(str, chars);
}
/**
* Remove characters that do not appear in the whitelist.
* The characters are used in a RegExp and so you will need to escape some chars, e.g. whitelist(input, '\\[\\]').
*/
static whitelist(str, chars) {
return validator_1.default.whitelist(str, chars);
}
/**
* Performs sanitation of the given object based on the decorator annotations in the class definition.
*/
sanitize(classInstance) {
this.metadataStorage
.getSanitizeMetadatasForClassInstance(classInstance)
.filter(mt => classInstance[mt.propertyName] !== undefined && classInstance[mt.propertyName] !== null)
.forEach(metadata => {
/** If `each` is set we validate the values of the array. */
if (metadata.each) {
if (!Array.isArray(classInstance[metadata.propertyName])) {
throw new Error(`Received a non-array value when expected array ('each' was set to true).`);
}
classInstance[metadata.propertyName].forEach((value, index) => {
classInstance[metadata.propertyName][index] =
metadata.type === "NESTED" /* NESTED */
? this.sanitize(classInstance[metadata.propertyName][index])
: this.sanitizeValue(value, metadata);
});
}
else {
classInstance[metadata.propertyName] =
metadata.type === "NESTED" /* NESTED */
? this.sanitize(classInstance[metadata.propertyName])
: this.sanitizeValue(classInstance[metadata.propertyName], metadata);
}
});
return classInstance;
}
/**
* Performs sanitation of the given object based on annotations used in given object class.
* Performs in async-style, useful to use it in chained promises.
*/
// eslint-disable-next-line @typescript-eslint/require-await
async sanitizeAsync(classInstance) {
return this.sanitize(classInstance);
}
/**
* Sanitizes a single value based on the received metadata.
*
* @param value the value to sanitize
* @param metadata the metadata for the given property
*/
sanitizeValue(value, metadata) {
switch (metadata.type) {
case "BLACKLIST" /* BLACKLIST */:
return Sanitizer.blacklist(value, metadata.value1);
case "ESCAPE" /* ESCAPE */:
return Sanitizer.escape(value);
case "LTRIM" /* LTRIM */:
return Sanitizer.ltrim(value, metadata.value1);
case "NORMALIZE_EMAIL" /* NORMALIZE_EMAIL */:
return Sanitizer.normalizeEmail(value, metadata.value1);
case "RTRIM" /* RTRIM */:
return Sanitizer.rtrim(value, metadata.value1);
case "STRIP_LOW" /* STRIP_LOW */:
return Sanitizer.stripLow(value, metadata.value1);
case "TO_BOOLEAN" /* TO_BOOLEAN */:
return Sanitizer.toBoolean(value, metadata.value1);
case "TO_DATE" /* TO_DATE */:
return Sanitizer.toDate(value);
case "TO_FLOAT" /* TO_FLOAT */:
return Sanitizer.toFloat(value);
case "TO_INT" /* TO_INT */:
return Sanitizer.toInt(value, metadata.value1);
case "TO_STRING" /* TO_STRING */:
return Sanitizer.toString(value);
case "TRIM" /* TRIM */:
return Sanitizer.trim(value, metadata.value1);
case "WHITELIST" /* WHITELIST */:
return Sanitizer.whitelist(value, metadata.value1);
case "CUSTOM_SANITIZATION" /* CUSTOM_SANITIZATION */:
return (this.metadataStorage
.getSanitizeConstraintsForClassConstructor(metadata.value1)
// Here the value must exists because we create it when registering the decorators.
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
.reduce((result, sanitizer) => sanitizer.instance.sanitize(result), value));
default:
throw Error(`Wrong sanitation type is supplied ${metadata.type} for value ${value}`);
}
}
}
exports.Sanitizer = Sanitizer;
//# sourceMappingURL=sanitizer.class.js.map