contains-path-traversal/dist/index.cjs

🚶 Does this string contain path traversal?

var __defProp = Object.defineProperty;
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
var __getOwnPropNames = Object.getOwnPropertyNames;
var __hasOwnProp = Object.prototype.hasOwnProperty;
var __export = (target, all) => {
  for (var name in all)
    __defProp(target, name, { get: all[name], enumerable: true });
};
var __copyProps = (to, from, except, desc) => {
  if (from && typeof from === "object" || typeof from === "function") {
    for (let key of __getOwnPropNames(from))
      if (!__hasOwnProp.call(to, key) && key !== except)
        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
  }
  return to;
};
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);

// src/index.ts
var index_exports = {};
__export(index_exports, {
  containsPathTraversal: () => containsPathTraversal
});
module.exports = __toCommonJS(index_exports);
var MAX_DECODE_ROUNDS = 4;
function containsPathTraversal(pathname, { maxIterations } = {
  maxIterations: MAX_DECODE_ROUNDS
}) {
  return recursiveDecode(pathname, 0, maxIterations).split("/").includes("..");
}
function recursiveDecode(string, iteration, maxIterations) {
  if (iteration >= maxIterations) return string;
  try {
    const decoded = decodeURIComponent(string);
    if (decoded === string) return string;
    return recursiveDecode(decoded, iteration + 1, maxIterations);
  } catch {
    return string;
  }
}
// Annotate the CommonJS export names for ESM import in node:
0 && (module.exports = {
  containsPathTraversal
});
//# sourceMappingURL=index.cjs.map