From f3ce4b44e766970a2561fec67444b58084bc715c Mon Sep 17 00:00:00 2001 From: Jes Avi <101438350+JesusAlexV@users.noreply.github.com> Date: Wed, 11 May 2022 10:19:55 -0600 Subject: [PATCH 1/2] Create waf.tsx --- waf.tsx | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 waf.tsx diff --git a/waf.tsx b/waf.tsx new file mode 100644 index 0000000..3e08d04 --- /dev/null +++ b/waf.tsx @@ -0,0 +1,37 @@ +// @ts-nocheck + +interface WafParameter { + name: string; + disallowTags?: boolean; +} + +interface WafConfig { + parameters?: WafParameter[]; +} + +const getParam = (url, param) => { + const { searchParams: query } = new URL(url); + return query.get(param); +} + +const waf: Function = (config: WafConfig) => async (ctx: any, next: any): Promise => { + // Validate parameters + if (!config.parameters) { + config.parameters = []; + } + for (const parameter of config.parameters) { + let paramValue = getParam(ctx.request.url, parameter.name); + if (paramValue) { + paramValue = paramValue.toLowerCase(); + if (parameter.disallowTags) { + if (paramValue.includes('<')) { + ctx.response.body = 'Web Application Firewall: Your name cannot contain HTML tags'; + return; + } + } + } + } + await next(); +} + +export default waf; From a09954c6e56676285a5d1ddc7f6d251ede1b1957 Mon Sep 17 00:00:00 2001 From: Jes Avi <101438350+JesusAlexV@users.noreply.github.com> Date: Wed, 11 May 2022 10:21:29 -0600 Subject: [PATCH 2/2] Create tsconfig.json --- tsconfig.json | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 tsconfig.json diff --git a/tsconfig.json b/tsconfig.json new file mode 100644 index 0000000..7274da0 --- /dev/null +++ b/tsconfig.json @@ -0,0 +1,14 @@ +{ + "compilerOptions": { + "jsx": "react", + "jsxFactory": "h", + "checkJs": false, + "lib": [ + "dom", + "dom.iterable", + "dom.asynciterable", + "deno.ns", + "deno.unstable" + ] + } +}