You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
README.md 1.8KB
README.md 1.8KB
ldap-escape
Template literal tag functions for LDAP filters and distinguished names to prevent LDAP injection attacks. Uses the escape codes from Active Directory: Characters to Escape.
Installation
npm install --save ldap-escape
Specification
escapes for search filter
| Character | Escape |
|---|---|
* |
\2A |
( |
\28 |
) |
\29 |
\ |
\5C |
NUL |
\00 |
escapes for distinguished names
| Character | Escape |
|---|---|
, |
\, |
\ |
\\ |
# |
\# |
+ |
\+ |
< |
\< |
> |
\> |
; |
\; |
" |
\" |
= |
\= |
SPC (leading or trailing) |
\ |
Template Literal Tag Functions
ldapEscape.filter
Escapes input for use as an LDAP filter.
ldapEscape.dn
Escapes input for use as an LDAP distinguished name.
Examples
Escape a Search Filter
"use strict";
const ldapEscape = require('ldap-escape');
const uid = 1337;
console.log(ldapEscape.filter`uid=${uid}`); // -> '(uid=1337)'
Escape a DN
"use strict";
const ldapEscape = require('ldap-escape');
const cn = 'alice';
console.log(ldapEscape.dn`cn=${cn},dc=test`); // -> 'cn=alice,dc=test'
Testing
npm test
License
See LICENSE.md