UNPKG

@nodesecure/js-x-ray

Version:

JavaScript AST XRay analysis

github.com/NodeSecure/js-x-ray

NodeSecure/js-x-ray

53 lines 1.78 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
// CONSTANTS const kLenSegmenter = new Intl.Segmenter(); /** * Note: this is not a perfect way to calculate the width of a string, but it should be good enough for our use case. * We are not trying to be 100% accurate, but rather to have a rough estimate of the width of a string. */ function stringLength(string) { if (string === "") { return 0; } let length = 0; for (const _ of kLenSegmenter.segment(string)) { length++; } return length; } /** * @description Get the number of unique chars in a given string * @param {!string} str string * @param {string[]} [charsToExclude=[]] * @returns {number} */ export function stringCharDiversity(str, charsToExclude = []) { const data = new Set(str); [...charsToExclude].forEach((char) => data.delete(char)); return data.size; } // --- const kMaxSafeStringLen = 45; const kMaxSafeStringCharDiversity = 70; const kMinUnsafeStringLenThreshold = 200; const kScoreStringLengthThreshold = 750; /** * @description Analyze a given string an give it a suspicion score (higher than 1 or 2 mean that the string is highly suspect). */ export function stringSuspicionScore(str) { const strLen = stringLength(str); if (strLen < kMaxSafeStringLen) { return 0; } const includeSpace = str.includes(" "); const includeSpaceAtStart = includeSpace ? str.slice(0, kMaxSafeStringLen).includes(" ") : false; let suspectScore = includeSpaceAtStart ? 0 : 1; if (strLen > kMinUnsafeStringLenThreshold) { suspectScore += Math.ceil(strLen / kScoreStringLengthThreshold); } return stringCharDiversity(str) >= kMaxSafeStringCharDiversity ? suspectScore + 2 : suspectScore; } //# sourceMappingURL=stringSuspicionScore.js.map