}
}
if (request.route.settings.validate.failAction === 'ignore') {
return;
}
// Prepare error
const defaultError = validationError.isBoom ? validationError : Boom.badRequest(`Invalid request ${source} input`);
const detailedError = Boom.boomify(validationError, { statusCode: 400, override: false });
detailedError.output.payload.validation = { source, keys: [] };
if (validationError.details) {
for (let i = 0; i < validationError.details.length; ++i) {
const path = validationError.details[i].path;
detailedError.output.payload.validation.keys.push(Hoek.escapeHtml(path.join('.')));
}
}
if (request.route.settings.validate.errorFields) {
const fields = Object.keys(request.route.settings.validate.errorFields);
for (let i = 0; i < fields.length; ++i) {
const field = fields[i];
detailedError.output.payload[field] = request.route.settings.validate.errorFields[field];
}
}
return request._core.toolkit.failAction(request, request.route.settings.validate.failAction, defaultError, { details: detailedError, tags: ['validation', 'error', source] });
};
// Collect one key per validation detail. A detail with a non-empty path is
// reported as its dot-joined path, HTML-escaped before being stored; a detail
// with an empty path is reported as the literal 'value', meaning the whole
// value was rejected.
// NOTE(review): the escaping covers HTML contexts only; a consumer writing
// these keys into another context needs that context's own encoding.
validationError.details.forEach(({ path }) => {
  const key = path.length > 0 ? Hoek.escapeHtml(path.join('.')) : 'value';
  validationKeys.push(key);
});
/**
 * Rebuild the response payload from the current response code and message.
 *
 * Sets `code` to the response code, `error` to the matching entry of
 * Http.STATUS_CODES ('Unknown' when there is none) and, when a message is
 * present, `message` to an HTML-escaped copy of it.
 */
internals.Boom.prototype.reformat = function () {
  var response = this.response;
  var payload = response.payload;
  var statusCode = response.code;

  payload.code = statusCode;
  payload.error = Http.STATUS_CODES[statusCode] || 'Unknown';

  if (!this.message) {
    return;
  }

  // The message is HTML-escaped before it enters the payload so that markup
  // carried in an error message cannot be rendered by a client (XSS defence).
  // Only `message` is escaped here; other payload fields are written as-is.
  payload.message = Hoek.escapeHtml(this.message);
};
}
}
// The route is configured to ignore validation failures: return without
// building or reporting an error.
if (request.route.settings.validate.failAction === 'ignore') {
return;
}
// Prepare two errors. defaultError is the validation error itself when it is
// already a Boom error, otherwise a generic 400 whose message names only the
// input source and carries none of the validator's own text.
const defaultError = validationError.isBoom ? validationError : Boom.badRequest(`Invalid request ${source} input`);
// detailedError turns the validation error into a Boom error (statusCode 400,
// override: false) and receives the extra payload fields added below.
const detailedError = Boom.boomify(validationError, { statusCode: 400, override: false });
detailedError.output.payload.validation = { source, keys: [] };
// Record the path of every reported detail, joined with '.'. Each key is
// HTML-escaped before it is stored, presumably because path segments can echo
// names chosen by the client; the escaping covers HTML contexts only.
if (validationError.details) {
for (const details of validationError.details) {
const path = details.path;
detailedError.output.payload.validation.keys.push(Hoek.escapeHtml(path.join('.')));
}
}
// Copy the route's configured errorFields onto the detailed payload, unescaped.
// NOTE(review): for...in also visits inherited enumerable properties, and a
// field named like an existing payload key (for example `validation`)
// overwrites it. Confirm errorFields only ever comes from trusted route
// configuration.
if (request.route.settings.validate.errorFields) {
for (const field in request.route.settings.validate.errorFields) {
detailedError.output.payload[field] = request.route.settings.validate.errorFields[field];
}
}
// Hand over to the configured failAction: defaultError is passed as the error,
// detailedError travels in the options as `details`, together with the tags.
// What failAction sends to the client is decided outside this excerpt.
return request._core.toolkit.failAction(request, request.route.settings.validate.failAction, defaultError, { details: detailedError, tags: ['validation', 'error', source] });
};
/**
 * Rebuild the response payload from the current response code and message.
 *
 * Sets `code` to the response code, `error` to the matching entry of
 * Http.STATUS_CODES ('Unknown' when there is none) and, when a message is
 * present, `message` to an HTML-escaped copy of it.
 */
internals.Boom.prototype.reformat = function () {
  var response = this.response;
  var payload = response.payload;
  var statusCode = response.code;

  payload.code = statusCode;
  payload.error = Http.STATUS_CODES[statusCode] || 'Unknown';

  if (!this.message) {
    return;
  }

  // The message is HTML-escaped before it enters the payload so that markup
  // carried in an error message cannot be rendered by a client (XSS defence).
  // Only `message` is escaped here; other payload fields are written as-is.
  payload.message = Hoek.escapeHtml(this.message);
};
// Expand every {{name}} / {{!name}} placeholder in `format` with the value
// found at that path in this.context, stringified by internals.stringify.
// A value is HTML-escaped only when its placeholder carries the `!` flag AND
// this.options.escapeHtml is truthy; every other value is inserted as-is.
// NOTE(review): code that renders `message` as HTML cannot assume the
// interpolated values were escaped here.
const message = format.replace(/{{(!?)([^}]+)}}/g, (match, escapeFlag, path) => {
  const resolved = Hoek.reach(this.context, path);
  const text = internals.stringify(resolved, wrapArrays);

  if (escapeFlag && this.options.escapeHtml) {
    return Hoek.escapeHtml(text);
  }

  return text;
});
// Expand every {{name}} / {{!name}} placeholder in `format` with the value
// found at that path in self.context, stringified by internals.stringify.
// A value is HTML-escaped only when its placeholder carries the `!` flag;
// a plain {{name}} placeholder is inserted as-is.
// NOTE(review): code that renders `message` as HTML cannot assume the
// interpolated values were escaped here.
var message = format.replace(/\{\{(\!?)([^}]+)\}\}/g, function (match, escapeFlag, path) {
  var resolved = Hoek.reach(self.context, path);
  var text = internals.stringify(resolved, wrapArrays);

  if (escapeFlag) {
    return Hoek.escapeHtml(text);
  }

  return text;
});
// HTML-escape the message of every error on this entry, in place.
// NOTE(review): the error objects themselves are mutated, so anything else
// holding a reference sees the escaped text, and running this twice over the
// same errors would escape the message twice.
entry.errors.forEach((error) => {
  const escaped = Hoek.escapeHtml(error.message);
  error.message = escaped;
});
}, this);
// Template helper that renders an error's message.
// The message is coerced to a string and HTML-escaped, then wrapped in
// SafeString, which tells Handlebars not to escape the result again. The
// escapeHtml call is therefore the only escaping this value receives.
Handlebars.registerHelper('errorMessage', (err) => {
  const text = '' + err.message;
  const escaped = Hoek.escapeHtml(text);

  return new Handlebars.SafeString(escaped);
});