hopfma
/
om
Watch 4
Star 1
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Ohm-Management - Projektarbeit B-ME
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
232 Commits
2 Branches
Branch: developer
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'developer'
${ noResults }
om/node_modules/ldap-escape/README.md

README.md 1.8KB
Raw Permalink Normal View History

node_modules updated, buefy add to lib folder
5 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475 
  1. # ldap-escape

  2. 

  3. Template literal tag functions for LDAP filters and distinguished names to prevent [LDAP injection](https://www.owasp.org/index.php/LDAP_injection) attacks.

  4. Uses the escape codes from [Active Directory: Characters to Escape](http://social.technet.microsoft.com/wiki/contents/articles/5312.active-directory-characters-to-escape.aspx).

  5. 

  6. ## Installation

  7. 

  8.     npm install --save ldap-escape

  9. 

  10. ## Specification

  11. 

  12. ### escapes for search filter

  13. 

  14. | Character | Escape |

  15. |-----------|--------|

  16. | `*`       | `\2A`  |

  17. | `(`       | `\28`  |

  18. | `)`       | `\29`  |

  19. | `\`       | `\5C`  |

  20. | `NUL`     | `\00`  |

  21. 

  22. ### escapes for distinguished names

  23. 

  24. | Character                   | Escape |

  25. |-----------------------------|--------|

  26. | `,`                         | `\,`   |

  27. | `\`                         | `\\`   |

  28. | `#`                         | `\#`   |

  29. | `+`                         | `\+`   |

  30. | `<`                         | `\<`   |

  31. | `>`                         | `\>`   |

  32. | `;`                         | `\;`   |

  33. | `"`                         | `\"`   |

  34. | `=`                         | `\=`   |

  35. | `SPC` (leading or trailing) | `\ `   |

  36. 

  37. ## Template Literal Tag Functions

  38. 

  39. ### ldapEscape.filter

  40. 

  41. Escapes input for use as an LDAP filter.

  42. 

  43. ### ldapEscape.dn

  44. 

  45. Escapes input for use as an LDAP distinguished name.

  46. 

  47. ## Examples

  48. 

  49. ### Escape a Search Filter

  50. 

  51.     "use strict";

  52. 

  53.     const ldapEscape = require('ldap-escape');

  54. 

  55.     const uid = 1337;

  56. 

  57.     console.log(ldapEscape.filter`uid=${uid}`); // -> '(uid=1337)'

  58. 

  59. ### Escape a DN

  60. 

  61.     "use strict";

  62. 

  63.     const ldapEscape = require('ldap-escape');

  64. 

  65.     const cn = 'alice';

  66. 

  67.     console.log(ldapEscape.dn`cn=${cn},dc=test`); // -> 'cn=alice,dc=test'

  68. 

  69. ## Testing

  70. 

  71.     npm test

  72. 

  73. ## License

  74. 

  75. See [LICENSE.md](https://github.com/tcort/ldap-escape/blob/master/LICENSE.md)