ldap-escape
DefinitelyTyped icon, indicating that this package has TypeScript declarations provided by the separate @types/ldap-escape package

2.0.6 • Public • Published

ldap-escape

Template literal tag functions for LDAP filters and distinguished names to prevent LDAP injection attacks. Uses the escape codes from Active Directory: Characters to Escape.

Installation

npm install --save ldap-escape

Specification

escapes for search filter

Character Escape
* \2A
( \28
) \29
\ \5C
NUL \00

escapes for distinguished names

Character Escape
, \,
\ \\
# \#
+ \+
< \<
> \>
; \;
" \"
= \=
SPC (leading or trailing) \

Template Literal Tag Functions

ldapEscape.filter

Escapes input for use as an LDAP filter.

ldapEscape.dn

Escapes input for use as an LDAP distinguished name.

Examples

Escape a Search Filter

"use strict";

const ldapEscape = require('ldap-escape');

const uid = 1337;

console.log(ldapEscape.filter`uid=${uid}`); // -> 'uid=1337'

Escape a DN

"use strict";

const ldapEscape = require('ldap-escape');

const cn = 'alice';

console.log(ldapEscape.dn`cn=${cn},dc=test`); // -> 'cn=alice,dc=test'

Testing

npm test

License

See LICENSE.md

Package Sidebar

Install

npm i ldap-escape

Weekly Downloads

3,267

Version

2.0.6

License

ISC

Unpacked Size

9.21 kB

Total Files

8

Last publish

Collaborators

  • tcort