UNPKG

@aikidosec/firewall

Version:

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

aikido.dev/zen

AikidoSec/firewall-node

73 lines (72 loc) 2.31 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.getStringFormat = getStringFormat; const net_1 = require("net"); const isDateString_1 = require("./helpers/isDateString"); const isDateTimeString_1 = require("./helpers/isDateTimeString"); const isUUIDString_1 = require("./helpers/isUUIDString"); const isEmail_1 = require("./helpers/isEmail"); const isUri_1 = require("./helpers/isUri"); // Used for improved performance const indicationChars = new Set(["-", ":", "@", ".", "://"]); /** * Get the format of a string * https://swagger.io/docs/specification/v3_0/data-models/data-types/#strings */ function getStringFormat(str) { // Skip if too short if (str.length < 5) { return undefined; } // Skip if too long (performance optimization) if (str.length > 255) { return undefined; } const foundIndicationChars = checkForIndicationChars(str); if (foundIndicationChars.has("-")) { if (foundIndicationChars.has(":")) { // Check if it is a date-time, e.g. 2021-01-01T00:00:00Z if ((0, isDateTimeString_1.default)(str)) { return "date-time"; } } // Check if it is a date, e.g. 2021-01-01 if ((0, isDateString_1.default)(str)) { return "date"; } // Check if it is a UUID if ((0, isUUIDString_1.default)(str)) { return "uuid"; } } // Check if it is an email if (foundIndicationChars.has("@") && (0, isEmail_1.default)(str)) { return "email"; } // Check if it is a URI if (foundIndicationChars.has("://") && (0, isUri_1.default)(str)) { return "uri"; } // Check if it is an IPv4 if (foundIndicationChars.has(".") && (0, net_1.isIPv4)(str)) { return "ipv4"; } // Check if it is an IPv6 if (foundIndicationChars.has(":") && (0, net_1.isIPv6)(str)) { return "ipv6"; } return undefined; } /** * Check for indication characters in a string * This is used to improve performance */ function checkForIndicationChars(str) { const foundChars = new Set(); for (const iChar of indicationChars) { if (str.includes(iChar)) { foundChars.add(iChar); } } return foundChars; }