postgresql>> ldap-escape>> 返回
项目作者: tcort

项目描述 :
Escape functions for LDAP filters and distinguished names to prevent LDAP injection attacks.
高级语言: JavaScript
项目地址: git://github.com/tcort/ldap-escape.git
创建时间: 2015-11-12T22:10:00Z
项目社区:https://github.com/tcort/ldap-escape
开源协议:ISC License
下载


ldap-escape

Template literal tag functions for LDAP filters and distinguished names to prevent LDAP injection attacks.
Uses the escape codes from Active Directory: Characters to Escape.

Installation

  1. npm install --save ldap-escape

Specification

escapes for search filter

Character Escape
* \2A
( \28
) \29
\ \5C
NUL \00

escapes for distinguished names

Character Escape
, \,
\ \\
# \#
+ \+
< \<
> \>
; \;
" \"
= \=
SPC (leading or trailing) \

Template Literal Tag Functions

ldapEscape.filter

Escapes input for use as an LDAP filter.

ldapEscape.dn

Escapes input for use as an LDAP distinguished name.

Examples

Escape a Search Filter

  1. "use strict";
  3. const ldapEscape = require('ldap-escape');
  5. const uid = 1337;
  7. console.log(ldapEscape.filter`uid=${uid}`); // -> 'uid=1337'

Escape a DN

  1. "use strict";
  3. const ldapEscape = require('ldap-escape');
  5. const cn = 'alice';
  7. console.log(ldapEscape.dn`cn=${cn},dc=test`); // -> 'cn=alice,dc=test'

Testing

  1. npm test

License

See LICENSE.md