UNPKG

@aikidosec/firewall

Version:

Zen by Aikido is an embedded Web Application Firewall that autonomously protects Node.js apps against common and critical attacks

aikido.dev/zen

AikidoSec/firewall-node

20 lines (19 loc) 954 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.detectJsInjection = detectJsInjection; const shouldReturnEarly_1 = require("./shouldReturnEarly"); // eslint-disable-next-line camelcase const zen_internals_1 = require("../../internals/zen_internals"); /** * Detects if the user input is a JS injection * The sourceType is used to determine the source of the user input * https://github.com/AikidoSec/zen-internals/blob/4b7bf2c7796155731dc2736a04e3f4d99cdc712b/src/js_injection/helpers/select_sourcetype_based_on_enum.rs#L4 */ function detectJsInjection(code, userInput, sourceType = 0) { const codeLowercase = code.toLowerCase(); const userInputLowercase = userInput.toLowerCase(); if ((0, shouldReturnEarly_1.shouldReturnEarly)(codeLowercase, userInputLowercase)) { return false; } return (0, zen_internals_1.wasm_detect_js_injection)(codeLowercase, userInputLowercase, sourceType); }