UNPKG

@aikidosec/firewall

Version:

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

aikido.dev/zen

AikidoSec/firewall-node

54 lines (53 loc) 1.66 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
"use strict"; const RE_PLUS = /\+/g; const HEX = [ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ]; function Decoder() { this.buffer = undefined; } Decoder.prototype.write = function (str) { // Replace '+' with ' ' before decoding str = str.replace(RE_PLUS, " "); let res = ""; let i = 0; let p = 0; const len = str.length; for (; i < len; ++i) { if (this.buffer !== undefined) { if (!HEX[str.charCodeAt(i)]) { res += "%" + this.buffer; this.buffer = undefined; --i; // retry character } else { this.buffer += str[i]; ++p; if (this.buffer.length === 2) { res += String.fromCharCode(parseInt(this.buffer, 16)); this.buffer = undefined; } } } else if (str[i] === "%") { if (i > p) { res += str.substring(p, i); p = i; } this.buffer = ""; ++p; } } if (p < len && this.buffer === undefined) { res += str.substring(p); } return res; }; Decoder.prototype.reset = function () { this.buffer = undefined; }; module.exports = Decoder;