diff options
| author | Elizabeth Hunt <lizhunt@amazon.com> | 2025-05-13 18:58:45 -0700 |
|---|---|---|
| committer | Elizabeth Hunt <lizhunt@amazon.com> | 2025-05-13 18:58:54 -0700 |
| commit | 1d66a0f58e4ebcdf4f42c9d78f82a1ab49a2cf11 (patch) | |
| tree | 07073c060b61688e4635fd4658315cc683589d3d /u/process/validate_identifier.ts | |
| parent | 2543ac8b11af11f034836591046cdb52911f9403 (diff) | |
| download | ci-1d66a0f58e4ebcdf4f42c9d78f82a1ab49a2cf11.tar.gz ci-1d66a0f58e4ebcdf4f42c9d78f82a1ab49a2cf11.zip | |
snapshot!
Diffstat (limited to 'u/process/validate_identifier.ts')
| -rw-r--r-- | u/process/validate_identifier.ts | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/u/process/validate_identifier.ts b/u/process/validate_identifier.ts new file mode 100644 index 0000000..ec8b77b --- /dev/null +++ b/u/process/validate_identifier.ts @@ -0,0 +1,17 @@ +import { Either } from "./mod.ts"; + +export const validateIdentifier = (token: string) => { + return (/^[a-zA-Z0-9_\-:. \/]+$/).test(token) && !token.includes(".."); +}; + +// ensure {@param obj} is a Record<string, string> with stuff that won't +// have the potential for shell injection, just to be super safe. +export const validateExecutionEntries = ( + obj: Record<string, unknown>, +): Either<Array<[string, unknown]>, Record<string, string>> => { + const invalidEntries = Object.entries(obj).filter((e) => + !e.every((x) => typeof x === "string" && validateIdentifier(x)) + ); + if (invalidEntries.length > 0) return Either.left(invalidEntries); + return Either.right(<Record<string, string>> obj); +}; |