UNPKG

nehonix-uri-processor

Version:

A powerful URI processor for encoding, decoding, and analyzing URI data securely.

lab.nehonix.space

nehonix/nehonixUriProcessor

100 lines 2.84 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
import { MaliciousPatternOptions } from "../services/MaliciousPatterns.service"; import { URLAnalysisResult } from "./index"; /** * Represents a comparison of different URI encoding variants for security testing. * Used by the compareUriVariants method to evaluate encoding effectiveness against WAFs. */ export interface UriVariantComparison { /** * The encoded variant of the URI. */ variant: string; /** * The encoding type used to generate this variant. */ encoding: string; /** * Whether this variant is likely to pass common security filters. */ isSafe: boolean; } /** * Comprehensive security report for a URI, including vulnerability analysis, * encoding variants, and security recommendations. */ export interface UriSecurityReport { /** * Analysis of the URL structure and potential vulnerabilities. */ analysis: URLAnalysisResult; /** * Comparison of different encoding variants for WAF testing. */ variants: UriVariantComparison[]; /** * Actionable security recommendations based on the analysis. */ recommendations: string[]; } /** * Options for the autoDetectAndDecodeAsync method. */ export interface AsyncDecodeOptions { /** * Maximum number of decoding iterations to prevent infinite loops. * @default 10 */ maxIterations?: number; /** * Whether to use a Web Worker for decoding (browser only). * @default false */ useWorker?: boolean; } export interface WAFMaliciousPatternOptions { /** * If true, detects common SQL injection patterns. * @default true */ detectSqlInjection?: boolean; /** * If true, detects common XSS attack patterns. * @default true */ detectXss?: boolean; /** * If true, detects path traversal attempts. * @default true */ detectPathTraversal?: boolean; /** * If true, detects command injection attempts. * @default true */ detectCommandInjection?: boolean; /** * Custom patterns to detect (as regular expressions). */ customPatterns?: RegExp[]; } /** * Extended URL validation options for v2.2.0. */ export default interface ExtendedUrlValidationOptions { /** * If true, enables detection of malicious patterns in URL parameters. * @default false */ detectMaliciousPatterns?: boolean; /** * If true, allows non-ASCII characters in URIs (normalized with punycode). * @default false */ allowInternationalChars?: boolean; /** * Specific options for malicious pattern detection. */ maliciousPatternOptions?: MaliciousPatternOptions; } export type MaliciousComponentType = "protocol" | "hostname" | "path" | "query" | "fragment"; //# sourceMappingURL=v2.2.0.d.ts.map