esc-command
v1.0.0
Published
escape command to prevent command injection vulnerabilities
Downloads
7
Readme
esc-command
Utility methods to prevent command injection vulnerabilities.
usage
escapeCommand()
Escapes a command or command arguments by operation system
import {escapeCommand} from 'esc-command'
const dirname = '/usr/bin;" cat /etc/passwd'
const esc = 'ls -1 "' + escapeCommand(dirname) + '"'
// ls -1 "\/usr\/bin\;\" cat \/etc\/passwd"escapeCommandLit``
Literal to escape a command or command arguments by operation system
import {escapeCommandLit} from 'esc-command'
const dirname = '/usr/bin;" cat /etc/passwd'
const esc = escapeCommandLit`ls -1 "${dirname}"`
// ls -1 "\/usr\/bin\;\" cat \/etc\/passwd"filterCommand()
Filters a command or command arguments by operation system
import {filterCommand} from 'esc-command'
const dirname = '/usr/bin;" cat /etc/passwd'
const esc = 'ls -1 "' + filterCommand(dirname) + '"'
// ls -1 "\/usr\/bin cat \/etc\/passwd"filterCommandLit``
Literal to filter a command or command arguments by operation system
import {filterCommandLit} from 'esc-command'
const dirname = '/usr/bin;" cat /etc/passwd'
const esc = filterCommandLit`ls -1 "${dirname}"`
// ls -1 "\/usr\/bin cat \/etc\/passwd"