@ordojs/security
Security package for OrdoJS with XSS, CSRF, and injection protection
/**
* Input Validation Types
* Defines interfaces and types for comprehensive input validation and sanitization
*/
/**
* A single named check for one input value, with an optional sanitizer.
*
* `value` is typed `any`, so the compiler guarantees nothing about what a rule
* receives. Implementations should check the runtime type themselves before
* calling string or array methods on the value.
*/
export interface ValidationRule {
/** Rule identifier; presumably what `ValidationError.rule` reports (confirm in the validator). */
name: string;
/** Predicate over the raw value; presumably `true` means the value passes (confirm in the validator). */
validate: (value: any) => boolean;
/** Human-readable text associated with this rule. */
message: string;
/**
* Optional transform of the value.
* NOTE(review): this declaration file does not show whether `sanitize` runs
* before or after `validate`. Confirm the order in the implementation, because
* validating the raw value and keeping the sanitized one gives different
* guarantees than the reverse.
*/
sanitize?: (value: any) => any;
}
/**
* Maps a field name to the list of rules declared for that field.
*
* NOTE(review): this file does not show how input fields that have no entry
* in the schema are handled (dropped, passed through, or rejected). Confirm in
* the validator, since unlisted fields that pass through have not been checked.
*/
export interface ValidationSchema {
[field: string]: ValidationRule[];
}
/**
* Outcome of validating a set of fields.
*
* NOTE(review): whether `sanitizedData` is populated when `isValid` is false is
* not visible in this declaration file. Callers should check `isValid` before
* using `sanitizedData`.
*/
export interface ValidationResult {
/** Overall pass/fail flag. */
isValid: boolean;
/** Per-rule failures; see `ValidationError`. */
errors: ValidationError[];
/** Field values keyed by name. Values are `any`, so consumers must narrow the type before use. */
sanitizedData: Record<string, any>;
}
/**
* Describes one failed check.
*
* `value` presumably carries the rejected input as received (confirm in the
* validator). If so, it may hold secrets such as passwords or tokens, or
* markup supplied by the client. Redact or encode it before writing it to logs
* or echoing it back in a response.
*/
export interface ValidationError {
/** Name of the field the error refers to. */
field: string;
/** Rule identifier; presumably `ValidationRule.name` (confirm). */
rule: string;
/** Human-readable description of the failure. */
message: string;
/** The value associated with the failure; untyped. */
value: any;
}
/**
* Switches and limits for string sanitization. Every member is optional.
* The defaults applied when a member is omitted are not visible in this
* declaration file.
*
* Output encoding depends on context: escaping that is safe for HTML element
* content is not automatically safe for attributes, URLs, script blocks or
* SQL. Treat these options as input hygiene and still encode at the point of
* output.
*/
export interface SanitizationOptions {
/** Presumably removes HTML tags from the input (confirm in the sanitizer). */
stripHtml?: boolean;
/**
* Presumably replaces HTML metacharacters with entities (confirm which
* characters are covered and how this interacts with `stripHtml` when both are set).
*/
escapeHtml?: boolean;
/** Presumably trims leading and trailing whitespace. */
trimWhitespace?: boolean;
/**
* Presumably applies Unicode normalization; the normalization form is not
* declared here. Normalization should happen before pattern checks so that
* equivalent encodings of a character are compared consistently.
*/
normalizeUnicode?: boolean;
/**
* Upper bound on input length. NOTE(review): the unit (UTF-16 code units vs
* bytes) and whether over-long input is truncated or rejected are not visible here.
*/
maxLength?: number;
/**
* Pattern for permitted characters. A RegExp with the `g` or `y` flag keeps
* `lastIndex` between `test()` calls, so a reused instance can give alternating
* results. Supply patterns without those flags unless the implementation resets it.
*/
allowedChars?: RegExp;
/**
* Patterns that cause input to be blocked. These run against untrusted input,
* so avoid nested or overlapping quantifiers that can backtrack catastrophically.
* The `lastIndex` caveat for `g`/`y` flags applies here too.
*/
blockedPatterns?: RegExp[];
}
/**
* Constraints for validating a file-system path supplied as input. Every
* member is optional. The defaults are not visible in this declaration file.
*
* NOTE(review): this file does not show whether the validator resolves `..`
* segments, encoded separators or symbolic links before comparing against
* `basePath`. Containment checks are only reliable on the fully resolved path,
* so confirm in the implementation.
*/
export interface PathValidationOptions {
/** Whether absolute paths are accepted. */
allowAbsolute?: boolean;
/** Whether relative paths are accepted. */
allowRelative?: boolean;
/**
* Extension allow-list. Prefer this over `blockedExtensions` where possible,
* because an allow-list fails closed for extensions nobody thought to list.
* NOTE(review): case sensitivity and the expected format (with or without the
* leading dot) are not declared here.
*/
allowedExtensions?: string[];
/** Extension block-list. Precedence when an extension appears in both lists is not visible here. */
blockedExtensions?: string[];
/** Presumably the maximum number of path segments (confirm). */
maxDepth?: number;
/** Presumably the directory the path must stay within (confirm how containment is checked). */
basePath?: string;
}
/**
* Configuration for request rate limiting.
*
* `req` is typed `any` in both callbacks, so this declaration does not tie the
* limiter to a particular HTTP framework's request type.
*/
export interface RateLimitOptions {
/** Length of the counting window; presumably milliseconds, per the name. */
windowMs: number;
/** Request budget per key within one window. */
maxRequests: number;
/**
* Derives the bucket key from a request. The default used when this is
* omitted is not visible here. A key built from client-controlled data, such
* as a forwarded-for header not set by a trusted proxy, lets a client choose
* its own bucket. Derive the key from a value the server can trust.
*/
keyGenerator?: (req: any) => string;
/** Presumably excludes successful requests from the count (confirm). */
skipSuccessfulRequests?: boolean;
/**
* Presumably excludes failed requests from the count (confirm). If so, do not
* enable it on authentication endpoints, where failed attempts are exactly
* what the limit needs to count.
*/
skipFailedRequests?: boolean;
/** Callback invoked with the request; presumably when the budget is exceeded. Useful for alerting. */
onLimitReached?: (req: any) => void;
}
/**
* Asynchronous counter storage used for rate limiting.
*
* Implementations shared by several processes should make `increment` atomic
* in the backing store. A limiter that does `get` followed by `set` can lose
* updates under concurrency and admit more requests than the configured budget.
*
* NOTE(review): the unit of `ttl` (seconds vs milliseconds) is not declared
* here. Confirm it against the caller, since a mismatch changes the effective
* window by a factor of 1000.
*/
export interface RateLimitStore {
/** Resolves to the stored count for `key`, or `null`; presumably `null` means no entry exists. */
get(key: string): Promise<number | null>;
/** Stores `value` for `key` with the given time-to-live. */
set(key: string, value: number, ttl: number): Promise<void>;
/** Increments the counter for `key` and resolves to a number; presumably the new count (confirm). */
increment(key: string, ttl: number): Promise<number>;
/** Clears the counter for `key`. */
reset(key: string): Promise<void>;
}
/**
* A regular-expression signature for suspicious SQL input, with a severity
* label and a description.
*
* Pattern matching on input is a detection and defence-in-depth measure. It
* does not replace parameterized queries, which remain the primary control.
* Signature lists also produce false positives on legitimate text. How the
* validator acts on each severity level is not visible in this declaration file.
*/
export interface SqlInjectionPattern {
/** Signature applied to input. Runs on untrusted data, so keep it free of catastrophic backtracking. */
pattern: RegExp;
/** Severity label, one of the four literals below. */
severity: 'low' | 'medium' | 'high' | 'critical';
/** Human-readable explanation of what the pattern detects. */
description: string;
}
/**
* Top-level feature switches for the input validator.
*
* NOTE(review): every flag is optional, and this declaration file does not
* show the value used when a flag is omitted. Confirm in the implementation
* that the protections default to enabled, or set each flag explicitly, so
* that an empty config object does not silently turn a protection off.
*/
export interface InputValidatorConfig {
/** Toggles SQL-injection pattern checks. */
enableSqlInjectionPrevention?: boolean;
/** Toggles path-traversal checks. */
enablePathTraversalPrevention?: boolean;
/** Toggles XSS-related checks. */
enableXssProtection?: boolean;
/** Toggles rate limiting. */
enableRateLimiting?: boolean;
/** Additional caller-supplied rules; how they combine with built-in checks is not visible here. */
customRules?: ValidationRule[];
/** Default sanitization options; presumably used when a call supplies none (confirm). */
sanitizationDefaults?: SanitizationOptions;
}
//# sourceMappingURL=types.d.ts.map