class-sanitizer
Decorator based class property sanitation in Typescript powered by validator.js.
DEPRECATION NOTICE:
This library is considered to be deprecated and won't be updated anymore. Please use the class-transformer and/or class-validator libraries instead.
Installation
npm install class-sanitizer --saveUsage
To start using the library simply create some classes and add some sanitization decorators to the properties. When calling
sanitize(instance) the library will automatically apply the rules defined in the decorators to the properties and update
the value of every marked property respectively.
NOTE:
Every sanitization decorator is property decorator meaning it cannot be placed on parameters or class definitions.
; ; sanitizeinstance;// -> the label property is trimmed now// -> { label: 'text-with-spaces-on-both-end' }Validating arrays
Every decorator expects a SanitationOptions object. When the each property is set to true
the array will be iterated and the decorator will be applied to every element of the array.
; ; sanitizeinstance;// -> Every value is trimmed in instance.labels now.// -> { labels: ['labelA', 'labelB', 'labelC']}Inheritance
Class inheritance is supported, every decorator defined on the base-class will be applied to the property with same name on the descendant class if the property exists.
Note:
Only one level of inheritance is supported! So if you haveClassAinheritClassBwhich inheritsClassCthe decorators fromClassCwon't be applied toClassAwhen sanitizing.
; ;instance.baseText = ' text ';instance.descendantText = ' text '; sanitizeinstance;// -> Both value is trimmed now.// -> { baseText: 'text', descendantText: 'text' }Sanitizing nested values with @SanitizeNested() decorator
The @SanitizeNested property can be used to instruct the library to lookup the sanitization rules
for the class instance found on the marked property and sanitize it.
; ;;;;instance.children = ;instance.child = innerC; sanitizeinstance;// -> Both values in the array on `children` property and value on `child` property is sanitized.// -> { children: [ { text: 'innerA' }, { text: 'innerB' }], child: { 'innerC' }}Custom sanitation classes
The @SanitizerConstraint( decorator can be used to define custom sanitization logic. Creating a custom sanitization class requires the following steps:
-
Create a class which implements the
CustomSanitizerinterface and decorate the class with the@SanitizerConstraint()decorator.;; -
Then you can use your new sanitation constraint in your class:
;; -
Now you can use sanitizer as usual:
;sanitizepost;
Manual sanitation
There are several method exist in the Sanitizer that allows to perform non-decorator based sanitation:
; Sanitizer.trim` Let's trim this! `;Sanitization decorators
The following property decorators are available.
| Decorator | Description |
|---|---|
@Blacklist(chars: string) |
Removes all characters that appear in the blacklist. |
@Whitelist(chars: string) |
Removes all characters that don't appear in the whitelist. |
@Trim(chars?: string) |
Trims characters (whitespace by default) from both sides of the input. You can specify chars that should be trimmed. |
@Ltrim(chars?: string) |
Trims characters from the left-side of the input. |
@Rtrim(chars?: string) |
Trims characters from the right-side of the input. |
@Escape() |
Replaces <, >, &, ', " and / with HTML entities. |
@NormalizeEmail(lowercase?: boolean) |
Normalizes an email address. |
@StripLow(keepNewLines?: boolean) |
Removes characters with a numerical value < 32 and 127, mostly control characters. |
@ToBoolean(isStrict?: boolean) |
Converts the input to a boolean. Everything except for '0', 'false' and '' returns true. In strict mode only '1' and 'true' return true. |
@ToDate() |
Converts the input to a date, or null if the input is not a date. |
@ToFloat() |
Converts the input to a float, or NaN if the input is not an integer. |
@ToInt(radix?: number) |
Converts the input to an integer, or NaN if the input is not an integer. |
@ToString() |
Converts the input to a string. |