tslint-config-security
TSLint security rules
;
// Sets a non-enumerable `__esModule: true` flag on the CommonJS exports object.
// This is the conventional interop marker emitted by transpilers; the statement is
// left in its generated form because tooling recognises it by shape.
Object.defineProperty(exports, "__esModule", { value: true });
/**
 * Builds the pattern used to spot a leading SQL verb in an upper-cased string.
 *
 * The resulting expression matches `keyword` when it sits at the very start of
 * the text or directly after a whitespace character. There is no boundary after
 * the keyword, so longer words that begin with it (for example "SELECTED") also
 * match; callers rely on a second clause check to narrow the result.
 *
 * `keyword` is interpolated into the expression verbatim, without escaping, so
 * it must be a trusted literal word and never caller-supplied text.
 *
 * @param {string} keyword - SQL verb to look for, e.g. 'SELECT'.
 * @returns {RegExp} Case-sensitive, non-global pattern `(^|\s)(<keyword>)`.
 */
function createMainKeywordsPattern(keyword) {
    var leadingBoundary = '(^|\\s)';
    var keywordGroup = '(' + keyword + ')';
    return new RegExp(leadingBoundary + keywordGroup);
}
// Pre-built verb patterns, created once at module load and reused by isSqlQuery.
// None of them carries the `g` flag, so `.test()` keeps no state between calls.

// Data-manipulation verbs.
var selectKeyword = createMainKeywordsPattern('SELECT');
var insertKeyword = createMainKeywordsPattern('INSERT');
var updateKeyword = createMainKeywordsPattern('UPDATE');
var deleteKeyword = createMainKeywordsPattern('DELETE');

// Schema-definition verbs.
var createKeyword = createMainKeywordsPattern('CREATE');
var alterKeyword = createMainKeywordsPattern('ALTER');
var dropKeyword = createMainKeywordsPattern('DROP');
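/**
 * Heuristically decides whether a piece of text looks like a SQL statement.
 *
 * The text is upper-cased and must contain a leading verb (SELECT, INSERT,
 * UPDATE, DELETE, DROP, CREATE, ALTER) together with the clause word that
 * normally accompanies it (FROM, INTO, SET, TABLE, DATABASE, INDEX).
 *
 * Whitespace runs (newlines, tabs, repeated spaces) are collapsed to a single
 * space before the clause checks, so statements laid out over several lines
 * are recognised as well as single-line ones. Non-string input and text
 * shorter than 12 characters are reported as "not SQL" rather than throwing.
 *
 * This is a pattern match, not a parser: a `false` result does not mean the
 * text is free of SQL, and a `true` result can be ordinary prose that happens
 * to contain the word pairs. Treat it as a hint for review, not as a control.
 *
 * @param {string} q - Text to classify.
 * @returns {boolean} `true` when a verb/clause pair is found, otherwise `false`.
 */
function isSqlQuery(q) {
    // Same 12-character floor the original `!q[11]` probe expressed.
    var MIN_QUERY_LENGTH = 12;
    if (typeof q !== 'string' && !(q instanceof String)) {
        return false;
    }
    if (q.length < MIN_QUERY_LENGTH) {
        return false;
    }
    // The verb patterns accept any whitespace before the verb, but the clause
    // checks below look for literal spaces; normalising here keeps the two
    // consistent so "SELECT id\nFROM t" is not missed.
    var query = q.toUpperCase().replace(/\s+/g, ' ');
    if (selectKeyword.test(query) && (query.includes(' FROM ') || query.includes('*FROM '))) {
        return true;
    }
    if (insertKeyword.test(query) && query.includes(' INTO ')) {
        return true;
    }
    if (updateKeyword.test(query) && query.includes(' SET ')) {
        return true;
    }
    if (deleteKeyword.test(query) && query.includes(' FROM ')) {
        return true;
    }
    if (dropKeyword.test(query) && (query.includes(' TABLE ') || query.includes(' DATABASE '))) {
        return true;
    }
    if (createKeyword.test(query) &&
        (query.includes(' INDEX ') || query.includes(' TABLE ') || query.includes(' DATABASE '))) {
        return true;
    }
    if (alterKeyword.test(query) && query.includes(' TABLE ')) {
        return true;
    }
    return false;
}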
// Expose the SQL-detection heuristic; it is the only export visible in this listing.
exports.isSqlQuery = isSqlQuery;