Skip to content

Commit f0d05ea

Browse files
mjacksonmjackson
committed
Fighting spam :/
1 parent c37101a commit f0d05ea

File tree

1 file changed

+13
-0
lines changed

1 file changed

+13
-0
lines changed

modules/middleware/validatePackageName.js

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,22 @@
11
const validateNpmPackageName = require("validate-npm-package-name");
22

3+
const hexValue = /^[a-f0-9]+$/i;
4+
5+
function isHash(value) {
6+
return value.length === 32 && hexValue.test(value);
7+
}
8+
39
/**
410
* Reject requests for invalid npm package names.
511
*/
612
function validatePackageName(req, res, next) {
13+
if (isHash(req.packageName)) {
14+
return res
15+
.status(403)
16+
.type("text")
17+
.send(`Invalid package name "${req.packageName}" (cannot be a hash)`);
18+
}
19+
720
const errors = validateNpmPackageName(req.packageName).errors;
821

922
if (errors) {

0 commit comments

Comments
 (0)