UNPKG

better-auth

Version:

The most comprehensive authentication framework for TypeScript.

better-auth.com

better-auth/better-auth

1 lines 6.64 kB
1
{"version":3,"file":"parser.mjs","names":["value"],"sources":["../../src/client/parser.ts"],"sourcesContent":["const PROTO_POLLUTION_PATTERNS = {\n\tproto:\n\t\t/\"(?:_|\\\\u0{2}5[Ff]){2}(?:p|\\\\u0{2}70)(?:r|\\\\u0{2}72)(?:o|\\\\u0{2}6[Ff])(?:t|\\\\u0{2}74)(?:o|\\\\u0{2}6[Ff])(?:_|\\\\u0{2}5[Ff]){2}\"\\s*:/,\n\tconstructor:\n\t\t/\"(?:c|\\\\u0063)(?:o|\\\\u006[Ff])(?:n|\\\\u006[Ee])(?:s|\\\\u0073)(?:t|\\\\u0074)(?:r|\\\\u0072)(?:u|\\\\u0075)(?:c|\\\\u0063)(?:t|\\\\u0074)(?:o|\\\\u006[Ff])(?:r|\\\\u0072)\"\\s*:/,\n\tprotoShort: /\"__proto__\"\\s*:/,\n\tconstructorShort: /\"constructor\"\\s*:/,\n} as const;\n\nconst JSON_SIGNATURE =\n\t/^\\s*[\"[{]|^\\s*-?\\d{1,16}(\\.\\d{1,17})?([Ee][+-]?\\d+)?\\s*$/;\n\nconst SPECIAL_VALUES = {\n\ttrue: true,\n\tfalse: false,\n\tnull: null,\n\tundefined: undefined,\n\tnan: Number.NaN,\n\tinfinity: Number.POSITIVE_INFINITY,\n\t\"-infinity\": Number.NEGATIVE_INFINITY,\n} as const;\n\nconst ISO_DATE_REGEX =\n\t/^(\\d{4})-(\\d{2})-(\\d{2})T(\\d{2}):(\\d{2}):(\\d{2})(?:\\.(\\d{1,7}))?(?:Z|([+-])(\\d{2}):(\\d{2}))$/;\n\ntype ParseOptions = {\n\t/** Throw errors instead of returning the original value */\n\tstrict?: boolean | undefined;\n\t/** Log warnings when suspicious patterns are detected */\n\twarnings?: boolean | undefined;\n\t/** Custom reviver function */\n\treviver?: ((key: string, value: any) => any) | undefined;\n\t/** Automatically convert ISO date strings to Date objects */\n\tparseDates?: boolean | undefined;\n};\n\nfunction isValidDate(date: Date): boolean {\n\treturn date instanceof Date && !isNaN(date.getTime());\n}\n\nfunction parseISODate(value: string): Date | null {\n\tconst match = ISO_DATE_REGEX.exec(value);\n\tif (!match) return null;\n\n\tconst [\n\t\t,\n\t\tyear,\n\t\tmonth,\n\t\tday,\n\t\thour,\n\t\tminute,\n\t\tsecond,\n\t\tms,\n\t\toffsetSign,\n\t\toffsetHour,\n\t\toffsetMinute,\n\t] = match;\n\n\tlet date = new Date(\n\t\tDate.UTC(\n\t\t\tparseInt(year!, 10),\n\t\t\tparseInt(month!, 10) - 1,\n\t\t\tparseInt(day!, 10),\n\t\t\tparseInt(hour!, 10),\n\t\t\tparseInt(minute!, 10),\n\t\t\tparseInt(second!, 10),\n\t\t\tms ? parseInt(ms.padEnd(3, \"0\"), 10) : 0,\n\t\t),\n\t);\n\n\tif (offsetSign) {\n\t\tconst offset =\n\t\t\t(parseInt(offsetHour!, 10) * 60 + parseInt(offsetMinute!, 10)) *\n\t\t\t(offsetSign === \"+\" ? -1 : 1);\n\t\tdate.setUTCMinutes(date.getUTCMinutes() + offset);\n\t}\n\n\treturn isValidDate(date) ? date : null;\n}\n\nfunction betterJSONParse<T = unknown>(\n\tvalue: unknown,\n\toptions: ParseOptions = {},\n): T {\n\tconst {\n\t\tstrict = false,\n\t\twarnings = false,\n\t\treviver,\n\t\tparseDates = true,\n\t} = options;\n\n\tif (typeof value !== \"string\") {\n\t\treturn value as T;\n\t}\n\n\tconst trimmed = value.trim();\n\n\tif (\n\t\ttrimmed.length > 0 &&\n\t\ttrimmed[0] === '\"' &&\n\t\ttrimmed.endsWith('\"') &&\n\t\t!trimmed.slice(1, -1).includes('\"')\n\t) {\n\t\treturn trimmed.slice(1, -1) as T;\n\t}\n\n\tconst lowerValue = trimmed.toLowerCase();\n\tif (lowerValue.length <= 9 && lowerValue in SPECIAL_VALUES) {\n\t\treturn SPECIAL_VALUES[lowerValue as keyof typeof SPECIAL_VALUES] as T;\n\t}\n\n\tif (!JSON_SIGNATURE.test(trimmed)) {\n\t\tif (strict) {\n\t\t\tthrow new SyntaxError(\"[better-json] Invalid JSON\");\n\t\t}\n\t\treturn value as T;\n\t}\n\n\tconst hasProtoPattern = Object.entries(PROTO_POLLUTION_PATTERNS).some(\n\t\t([key, pattern]) => {\n\t\t\tconst matches = pattern.test(trimmed);\n\t\t\tif (matches && warnings) {\n\t\t\t\tconsole.warn(\n\t\t\t\t\t`[better-json] Detected potential prototype pollution attempt using ${key} pattern`,\n\t\t\t\t);\n\t\t\t}\n\t\t\treturn matches;\n\t\t},\n\t);\n\n\tif (hasProtoPattern && strict) {\n\t\tthrow new Error(\n\t\t\t\"[better-json] Potential prototype pollution attempt detected\",\n\t\t);\n\t}\n\n\ttry {\n\t\tconst secureReviver = (key: string, value: any) => {\n\t\t\tif (\n\t\t\t\tkey === \"__proto__\" ||\n\t\t\t\t(key === \"constructor\" &&\n\t\t\t\t\tvalue &&\n\t\t\t\t\ttypeof value === \"object\" &&\n\t\t\t\t\t\"prototype\" in value)\n\t\t\t) {\n\t\t\t\tif (warnings) {\n\t\t\t\t\tconsole.warn(\n\t\t\t\t\t\t`[better-json] Dropping \"${key}\" key to prevent prototype pollution`,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\treturn undefined;\n\t\t\t}\n\n\t\t\tif (parseDates && typeof value === \"string\") {\n\t\t\t\tconst date = parseISODate(value);\n\t\t\t\tif (date) {\n\t\t\t\t\treturn date;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\treturn reviver ? reviver(key, value) : value;\n\t\t};\n\n\t\treturn JSON.parse(trimmed, secureReviver);\n\t} catch (error) {\n\t\tif (strict) {\n\t\t\tthrow error;\n\t\t}\n\t\treturn value as T;\n\t}\n}\n\nexport function parseJSON<T = unknown>(\n\tvalue: unknown,\n\toptions: ParseOptions = { strict: true },\n): T {\n\treturn betterJSONParse<T>(value, options);\n}\n"],"mappings":";AAAA,MAAM,2BAA2B;CAChC,OACC;CACD,aACC;CACD,YAAY;CACZ,kBAAkB;CAClB;AAED,MAAM,iBACL;AAED,MAAM,iBAAiB;CACtB,MAAM;CACN,OAAO;CACP,MAAM;CACN,WAAW;CACX,KAAK;CACL,UAAU,OAAO;CACjB,aAAa,OAAO;CACpB;AAED,MAAM,iBACL;AAaD,SAAS,YAAY,MAAqB;AACzC,QAAO,gBAAgB,QAAQ,CAAC,MAAM,KAAK,SAAS,CAAC;;AAGtD,SAAS,aAAa,OAA4B;CACjD,MAAM,QAAQ,eAAe,KAAK,MAAM;AACxC,KAAI,CAAC,MAAO,QAAO;CAEnB,MAAM,GAEL,MACA,OACA,KACA,MACA,QACA,QACA,IACA,YACA,YACA,gBACG;CAEJ,IAAI,OAAO,IAAI,KACd,KAAK,IACJ,SAAS,MAAO,GAAG,EACnB,SAAS,OAAQ,GAAG,GAAG,GACvB,SAAS,KAAM,GAAG,EAClB,SAAS,MAAO,GAAG,EACnB,SAAS,QAAS,GAAG,EACrB,SAAS,QAAS,GAAG,EACrB,KAAK,SAAS,GAAG,OAAO,GAAG,IAAI,EAAE,GAAG,GAAG,EACvC,CACD;AAED,KAAI,YAAY;EACf,MAAM,UACJ,SAAS,YAAa,GAAG,GAAG,KAAK,SAAS,cAAe,GAAG,KAC5D,eAAe,MAAM,KAAK;AAC5B,OAAK,cAAc,KAAK,eAAe,GAAG,OAAO;;AAGlD,QAAO,YAAY,KAAK,GAAG,OAAO;;AAGnC,SAAS,gBACR,OACA,UAAwB,EAAE,EACtB;CACJ,MAAM,EACL,SAAS,OACT,WAAW,OACX,SACA,aAAa,SACV;AAEJ,KAAI,OAAO,UAAU,SACpB,QAAO;CAGR,MAAM,UAAU,MAAM,MAAM;AAE5B,KACC,QAAQ,SAAS,KACjB,QAAQ,OAAO,QACf,QAAQ,SAAS,KAAI,IACrB,CAAC,QAAQ,MAAM,GAAG,GAAG,CAAC,SAAS,KAAI,CAEnC,QAAO,QAAQ,MAAM,GAAG,GAAG;CAG5B,MAAM,aAAa,QAAQ,aAAa;AACxC,KAAI,WAAW,UAAU,KAAK,cAAc,eAC3C,QAAO,eAAe;AAGvB,KAAI,CAAC,eAAe,KAAK,QAAQ,EAAE;AAClC,MAAI,OACH,OAAM,IAAI,YAAY,6BAA6B;AAEpD,SAAO;;AAeR,KAZwB,OAAO,QAAQ,yBAAyB,CAAC,MAC/D,CAAC,KAAK,aAAa;EACnB,MAAM,UAAU,QAAQ,KAAK,QAAQ;AACrC,MAAI,WAAW,SACd,SAAQ,KACP,sEAAsE,IAAI,UAC1E;AAEF,SAAO;GAER,IAEsB,OACtB,OAAM,IAAI,MACT,+DACA;AAGF,KAAI;EACH,MAAM,iBAAiB,KAAa,YAAe;AAClD,OACC,QAAQ,eACP,QAAQ,iBACRA,WACA,OAAOA,YAAU,YACjB,eAAeA,SACf;AACD,QAAI,SACH,SAAQ,KACP,2BAA2B,IAAI,sCAC/B;AAEF;;AAGD,OAAI,cAAc,OAAOA,YAAU,UAAU;IAC5C,MAAM,OAAO,aAAaA,QAAM;AAChC,QAAI,KACH,QAAO;;AAIT,UAAO,UAAU,QAAQ,KAAKA,QAAM,GAAGA;;AAGxC,SAAO,KAAK,MAAM,SAAS,cAAc;UACjC,OAAO;AACf,MAAI,OACH,OAAM;AAEP,SAAO;;;AAIT,SAAgB,UACf,OACA,UAAwB,EAAE,QAAQ,MAAM,EACpC;AACJ,QAAO,gBAAmB,OAAO,QAAQ"}