1. function sanitizeInput(input, allowedMethods = [], allowedParams = {}) {
  2. // Basic sanitization: remove potentially harmful characters.
  3. const sanitized = input.replace(/[&<>"']/g, '');
  5. // Allow specific methods if provided.
  6. if (allowedMethods && allowedMethods.length > 0) {
  7. const validMethods = allowedMethods.map(method => method.toLowerCase());
  8. if (!validMethods.includes(input.toLowerCase())) {
  9. return null; // Reject if method is not allowed.
  10. }
  11. }
  13. // Allow specific parameters if provided.
  14. if (allowedParams) {
  15. for (const param in allowedParams) {
  16. if (input.toLowerCase().indexOf(param.toLowerCase()) === -1) {
  17. return null; // Reject if required parameter is missing
  18. }
  19. }
  20. }
  22. // Additional validation/sanitization (example - length)
  23. if (sanitized.length > 255) {
  24. return null; //Reject if too long
  25. }
  27. return sanitized;
  28. }

Add your comment