ldap-escape

Template literal tag functions for LDAP filters and distinguished names to prevent LDAP injection attacks.
Uses the escape codes from Active Directory: Characters to Escape.

Installation

npm install --save ldap-escape

Specification

$3

| Character | Escape |
|-----------|--------|
| * | \2A |
| ( | \28 |
| ) | \29 |
| \ | \5C |
| NUL | \00 |

$3

| Character | Escape |
|-----------------------------|--------|
| , | \, |
| \ | \\ |
| # | \# |
| + | \+ |
| < | \< |
| > | \> |
| ; | \; |
| " | \" |
| = | \= |
| SPC (leading or trailing) | \ |

Template Literal Tag Functions

$3

Escapes input for use as an LDAP filter.

$3

Escapes input for use as an LDAP distinguished name.

Examples

$3

"use strict";

const ldapEscape = require('ldap-escape');

const uid = 1337;

console.log(ldapEscape.filteruid=${uid}); // -> 'uid=1337'

$3

"use strict";

const ldapEscape = require('ldap-escape');

const cn = 'alice';

console.log(ldapEscape.dncn=${cn},dc=test); // -> 'cn=alice,dc=test'

Testing

npm test

License

See LICENSE.md

ldap-escape

Template literal tag functions for LDAP filters and distinguished names to prevent LDAP injection attacks.
Uses the escape codes from Active Directory: Characters to Escape.

Installation

npm install --save ldap-escape

Specification

$3

| Character | Escape |
|-----------|--------|
| * | \2A |
| ( | \28 |
| ) | \29 |
| \ | \5C |
| NUL | \00 |

$3

Template Literal Tag Functions

$3

Escapes input for use as an LDAP filter.

$3

Escapes input for use as an LDAP distinguished name.

Examples

$3

"use strict";

const ldapEscape = require('ldap-escape');

const uid = 1337;

console.log(ldapEscape.filteruid=${uid}); // -> 'uid=1337'

$3

"use strict";

const ldapEscape = require('ldap-escape');

const cn = 'alice';

console.log(ldapEscape.dncn=${cn},dc=test); // -> 'cn=alice,dc=test'

Testing

npm test

License

See LICENSE.md