Fixed extra lines in <pre> and added validation and tests for mentions

nozer · Jan 13, 2018 · 1229628 · 1229628
1 parent 731263c
commit 1229628
Show file tree

Hide file tree

Showing 3 changed files with 145 additions and 0 deletions.
diff --git a/dist/commonjs/mentions/MentionSanitizer.js b/dist/commonjs/mentions/MentionSanitizer.js
@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+require("./../extensions/String");
+var MentionSanitizer = (function () {
+    function MentionSanitizer() {
+    }
+    MentionSanitizer.sanitize = function (dirtyObj) {
+        var cleanObj = {};
+        if (!dirtyObj || typeof dirtyObj !== 'object') {
+            return cleanObj;
+        }
+        if (dirtyObj.class && MentionSanitizer.IsValidClass(dirtyObj.class)) {
+            cleanObj.class = dirtyObj.class;
+        }
+        if (dirtyObj.id && MentionSanitizer.IsValidId(dirtyObj.id)) {
+            cleanObj.id = dirtyObj.id;
+        }
+        if (MentionSanitizer.IsValidTarget(dirtyObj.target)) {
+            cleanObj.target = dirtyObj.target;
+        }
+        if (dirtyObj.avatar) {
+            cleanObj.avatar = (dirtyObj.avatar + '')._scrubUrl();
+        }
+        if (dirtyObj['end-point']) {
+            cleanObj['end-point'] = (dirtyObj['end-point'] + '')._scrubUrl();
+        }
+        if (dirtyObj.slug) {
+            cleanObj.slug = (dirtyObj.slug + '')._scrubUrl();
+        }
+        return cleanObj;
+    };
+    MentionSanitizer.IsValidClass = function (classAttr) {
+        return !!classAttr.match(/^[a-zA-Z0-9_\-]{1,500}$/i);
+    };
+    MentionSanitizer.IsValidId = function (idAttr) {
+        return !!idAttr.match(/^[a-zA-Z0-9_\-\:\.]{1,500}$/i);
+    };
+    MentionSanitizer.IsValidTarget = function (target) {
+        return ['_self', '_blank', '_parent', '_top'].indexOf(target) > -1;
+    };
+    return MentionSanitizer;
+}());
+exports.MentionSanitizer = MentionSanitizer;
diff --git a/src/mentions/MentionSanitizer.ts b/src/mentions/MentionSanitizer.ts
@@ -0,0 +1,66 @@
+
+import './../extensions/String';
+
+interface IMention {
+   [index: string]: string,
+   'name'?: string,
+   'target'?: string,
+   'slug'?: string,
+   'class'?: string,
+   'avatar'?: string,
+   'id'?: string,
+   'end-point'?: string
+}
+
+class MentionSanitizer {
+
+   static sanitize(dirtyObj: IMention): IMention {
+
+      var cleanObj: any = {};
+
+      if (!dirtyObj || typeof dirtyObj !== 'object') {
+         return cleanObj;
+      }
+
+      if (dirtyObj.class && MentionSanitizer.IsValidClass(dirtyObj.class)) {
+         cleanObj.class = dirtyObj.class;
+      }
+
+      if (dirtyObj.id && MentionSanitizer.IsValidId(dirtyObj.id)) {
+         cleanObj.id = dirtyObj.id;
+      }
+
+      if (MentionSanitizer.IsValidTarget(dirtyObj.target)) {
+         cleanObj.target = dirtyObj.target;
+      }
+
+      if (dirtyObj.avatar) {
+         cleanObj.avatar = (dirtyObj.avatar + '')._scrubUrl();
+      }
+
+      if (dirtyObj['end-point']) {
+         cleanObj['end-point'] = (dirtyObj['end-point'] + '')._scrubUrl();
+      }
+
+      if (dirtyObj.slug) {
+         cleanObj.slug = (dirtyObj.slug + '')._scrubUrl();
+      }
+
+      return cleanObj;
+   }
+
+   static IsValidClass(classAttr: string) {
+      return !!classAttr.match(/^[a-zA-Z0-9_\-]{1,500}$/i);
+   }
+
+   static IsValidId(idAttr: string) {
+      return !!idAttr.match(/^[a-zA-Z0-9_\-\:\.]{1,500}$/i);
+   }
+
+   static IsValidTarget(target: string) {
+      return ['_self', '_blank', '_parent', '_top'].indexOf(target) > -1;
+   }
+
+}
+
+export { MentionSanitizer, IMention }
diff --git a/test/mentions/MentionSanitizer.test.ts b/test/mentions/MentionSanitizer.test.ts
@@ -0,0 +1,36 @@
+import 'mocha';
+import * as assert from 'assert';
+
+import {MentionSanitizer} from "./../../src/mentions/MentionSanitizer";
+import { IMention } from '../../src/mentions/MentionSanitizer';
+
+describe('MentionSanitizer', function () {
+
+    describe('#sanitize()', function() {
+        it('should return sanitized data', function() {
+            let sanitized = MentionSanitizer.sanitize(<any>
+               {
+                  'class': 'A-cls-9',
+                  id: 'An-id_9:.',
+                  target: '_blank',
+                  avatar: 'http://www.yahoo.com',
+                  'end-point': 'http://abc.com',
+                  slug: 'my-name'
+                }
+            );
+            console.log(sanitized);
+            assert.deepEqual(sanitized, {
+               'class': 'A-cls-9',
+               id: 'An-id_9:.',
+               target: '_blank',
+               avatar: 'http://www.yahoo.com',
+               'end-point': 'http://abc.com',
+               slug: 'my-name'
+             })
+        });
+
+        assert.deepEqual(MentionSanitizer.sanitize(<any>'a'), {});
+
+        assert.deepEqual(MentionSanitizer.sanitize({id: 'sb'}), {id: 'sb'});
+    });
+});