-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
8 changed files
with
453 additions
and
77 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
Copyright (c) 2015 Chris O'Hara <[email protected]> | ||
Copyright (c) 2016 Chris O'Hara <[email protected]> | ||
|
||
Permission is hereby granted, free of charge, to any person obtaining | ||
a copy of this software and associated documentation files (the | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -31,18 +31,28 @@ The library can also be installed through [bower][bower] | |
$ bower install validator-js | ||
``` | ||
|
||
### Strings only | ||
|
||
**This library validates and sanitizes strings only**. | ||
|
||
All input is coerced to a string using the following rules: | ||
|
||
- Call the `toString` property if available. | ||
- Replace `null`, `undefined`, `NaN` or items with `.length === 0` with an empty string. | ||
- Everything else is coerced with `'' + input`. | ||
|
||
### Validators | ||
|
||
- **contains(str, seed)** - check if the string contains the seed. | ||
- **equals(str, comparison)** - check if the string matches the comparison. | ||
- **isAfter(str [, date])** - check if the string is a date that's after the specified date (defaults to now). | ||
- **isAlpha(str)** - check if the string contains only letters (a-zA-Z). | ||
- **isAlphanumeric(str)** - check if the string contains only letters and numbers. | ||
- **isAlpha(str [, locale])** - check if the string contains only letters (a-zA-Z). Locale is one of `['en-US', 'de-DE']`) and defaults to `en-US`. | ||
- **isAlphanumeric(str [, locale])** - check if the string contains only letters and numbers. Locale is one of `['en-US', 'de-DE']`) and defaults to `en-US`. | ||
- **isAscii(str)** - check if the string contains ASCII chars only. | ||
- **isBase64(str)** - check if a string is base64 encoded. | ||
- **isBefore(str [, date])** - check if the string is a date that's before the specified date. | ||
- **isBoolean(str)** - check if a string is a boolean. | ||
- **isByteLength(str, min [, max])** - check if the string's length (in bytes) falls in a range. | ||
- **isByteLength(str, options)** - check if the string's length (in bytes) falls in a range.`options` is an object which defaults to `{min:0, max: undefined}`. | ||
- **isCreditCard(str)** - check if the string is a credit card. | ||
- **isCurrency(str, options)** - check if the string is a valid currency amount. `options` is an object which defaults to `{symbol: '$', require_symbol: false, allow_space_after_symbol: false, symbol_after_digits: false, allow_negatives: true, parens_for_negatives: false, negative_sign_before_digits: false, negative_sign_after_digits: false, allow_negative_sign_placeholder: false, thousands_separator: ',', decimal_separator: '.', allow_space_after_digits: false }`. | ||
- **isDate(str)** - check if the string is a date. | ||
|
@@ -62,9 +72,10 @@ $ bower install validator-js | |
- **isIn(str, values)** - check if the string is in a array of allowed values. | ||
- **isInt(str [, options])** - check if the string is an integer. `options` is an object which can contain the keys `min` and/or `max` to check the integer is within boundaries (e.g. `{ min: 10, max: 99 }`). | ||
- **isJSON(str)** - check if the string is valid JSON (note: uses JSON.parse). | ||
- **isLength(str, min [, max])** - check if the string's length falls in a range. Note: this function takes into account surrogate pairs. | ||
- **isLength(str, options)** - check if the string's length falls in a range. `options` is an object which defaults to `{min:0, max: undefined}`. Note: this function takes into account surrogate pairs. | ||
- **isLowercase(str)** - check if the string is lowercase. | ||
- **isMobilePhone(str, locale)** - check if the string is a mobile phone number, (locale is one of `['zh-CN', 'zh-TW', 'en-ZA', 'en-AU', 'en-HK', 'pt-PT', 'fr-FR', 'el-GR', 'en-GB', 'en-US', 'en-ZM', 'ru-RU', 'nb-NO', 'nn-NO', 'vi-VN', 'en-NZ', 'fi-FI']`). | ||
- **isMACAddress(str)** - check if the string is a MAC address. | ||
- **isMobilePhone(str, locale)** - check if the string is a mobile phone number, (locale is one of `['zh-CN', 'zh-TW', 'en-ZA', 'en-AU', 'en-HK', 'pt-PT', 'fr-FR', 'el-GR', 'en-GB', 'en-US', 'en-ZM', 'ru-RU', 'nb-NO', 'nn-NO', 'vi-VN', 'en-NZ', 'en-IN', 'es-ES', 'de-DE', 'fi-FI']`). | ||
- **isMongoId(str)** - check if the string is a valid hex-encoded representation of a [MongoDB ObjectId][mongoid]. | ||
- **isMultibyte(str)** - check if the string contains one or more multibyte chars. | ||
- **isNull(str)** - check if the string is null. | ||
|
@@ -74,14 +85,15 @@ $ bower install validator-js | |
- **isUUID(str [, version])** - check if the string is a UUID (version 3, 4 or 5). | ||
- **isUppercase(str)** - check if the string is uppercase. | ||
- **isVariableWidth(str)** - check if the string contains a mixture of full and half-width chars. | ||
- **isWhitelisted(str, chars)** - checks characters if they appear in the whitelist. | ||
- **matches(str, pattern [, modifiers])** - check if string matches the pattern. Either `matches('foo', /foo/i)` or `matches('foo', 'foo', 'i')`. | ||
|
||
### Sanitizers | ||
|
||
- **blacklist(input, chars)** - remove characters that appear in the blacklist. The characters are used in a RegExp and so you will need to escape some chars, e.g. `blacklist(input, '\\[\\]')`. | ||
- **escape(input)** - replace `<`, `>`, `&`, `'`, `"` and `/` with HTML entities. | ||
- **ltrim(input [, chars])** - trim characters from the left-side of the input. | ||
- **normalizeEmail(email [, options])** - canonicalize an email address. `options` is an object which defaults to `{ lowercase: true }`. With `lowercase` set to `true`, the local part of the email address is lowercased for all domains; the hostname is always lowercased and the local part of the email address is always lowercased for hosts that are known to be case-insensitive (currently only GMail). Normalization follows special rules for known providers: currently, GMail addresses have dots removed in the local part and are stripped of tags (e.g. `some.one+tag@gmail.com` becomes `[email protected]`) and all `@googlemail.com` addresses are normalized to `@gmail.com`. | ||
- **normalizeEmail(email [, options])** - canonicalize an email address. `options` is an object which defaults to `{ lowercase: true, remove_dots: true, remove_extension: true }`. With `lowercase` set to `true`, the local part of the email address is lowercased for all domains; the hostname is always lowercased and the local part of the email address is always lowercased for hosts that are known to be case-insensitive (currently only GMail). Normalization follows special rules for known providers: currently, GMail addresses have dots removed in the local part and are stripped of extensions (e.g. `some.one+extension@gmail.com` becomes `[email protected]`) and all `@googlemail.com` addresses are normalized to `@gmail.com`. | ||
- **rtrim(input [, chars])** - trim characters from the right-side of the input. | ||
- **stripLow(input [, keep_new_lines])** - remove characters with a numerical value < 32 and 127, mostly control characters. If `keep_new_lines` is `true`, newline characters are preserved (`\n` and `\r`, hex `0xA` and `0xD`). Unicode-safe in JavaScript. | ||
- **toBoolean(input [, strict])** - convert the input to a boolean. Everything except for `'0'`, `'false'` and `''` returns `true`. In strict mode only `'1'` and `'true'` return `true`. | ||
|
@@ -98,14 +110,6 @@ XSS sanitization was removed from the library in [2d5d6999](https://github.com/c | |
|
||
For an alternative, look at Yahoo's [xss-filters library](https://github.com/yahoo/xss-filters). | ||
|
||
### Strings only | ||
|
||
This library validates and sanitizes **strings** only. All input will be coerced to a string using the following rules | ||
|
||
- Call the `toString` property if available. | ||
- Replace `null`, `undefined` or `NaN` with an empty string. | ||
- Everything else is coerced with `input + ''`. | ||
|
||
### Extensions | ||
|
||
You can add your own validators using `validator.extend(name, fn)` | ||
|
@@ -139,7 +143,7 @@ Tests require node v4.0+. | |
### License (MIT) | ||
|
||
``` | ||
Copyright (c) 2015 Chris O'Hara <[email protected]> | ||
Copyright (c) 2016 Chris O'Hara <[email protected]> | ||
Permission is hereby granted, free of charge, to any person obtaining | ||
a copy of this software and associated documentation files (the | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -198,7 +198,9 @@ describe('Sanitizers', function () { | |
, 'an invalid email address': false | ||
, '': false | ||
, '[email protected]': false | ||
// [email protected] was removed from test cases because of a bug with validator.isEmail. See issue #258 | ||
, '[email protected]': false | ||
, '[email protected]': false | ||
, '[email protected]': '[email protected]' | ||
} | ||
}); | ||
test({ | ||
|
@@ -211,13 +213,27 @@ describe('Sanitizers', function () { | |
, '[email protected]': '[email protected]' | ||
, '[email protected]': '[email protected]' | ||
, '[email protected]': '[email protected]' | ||
|
||
// Domains that are known for being case-insensitive are always lowercased | ||
, '[email protected]': '[email protected]' | ||
, '[email protected]': '[email protected]' | ||
, '[email protected]': '[email protected]' | ||
} | ||
}); | ||
test({ | ||
sanitizer: 'normalizeEmail' | ||
, args: [{remove_dots: false}] | ||
, expect: { | ||
'[email protected]': '[email protected]' | ||
} | ||
}); | ||
test({ | ||
sanitizer: 'normalizeEmail' | ||
, args: [{remove_extension: false}] | ||
, expect: { | ||
'[email protected]': '[email protected]' | ||
} | ||
}); | ||
}); | ||
|
||
}); |
Oops, something went wrong.