adding option for xss and date sanitization (#9)

* adding option for xss and date sanitization

* updated docs

Author: hscasn

README.md

@@ -38,6 +38,51 @@ func main() {
 }
 ```
 
+## Available options
+
+### Tag Name
+
+Default: `san`
+
+Use this option to tell the sanitizer to use another tag name instead of "san".
+
+```go
+s := sanitizer.New(sanitizer.OptionTagName{
+    Value: "mytag",
+})
+```
+
+### Date Format
+
+Default: `Input = []`, `Output = ""`, and `KeepFormat = false`.
+
+Use this option to specify which date format we should use.
+
+The `Input` field tells us which date formats we can accept (such as RFC3339 and RFC3339Nano).
+
+The `KeepFormat` field tells us if we should keep the date format unchanged, or if we want to force them into another format.
+
+The `Output` field tells us which format we should use for the output if `KeepFormat` is set to false.
+
+If a date can not be parsed by the formats specified in the `Input` field, the field will be converted into an empty string.
+
+Example:
+- If `Input = [RFC1123, RFC3339Nano]`, `KeepFormat: false`, and `Output = RFC3339`, we will accept dates in the RFC1123 and RFC3339Nano formats and convert them to RFC3339 format. Any other formats will be converted into an empty string.
+- If `Input = [RFC1123, RFC3339Nano]` and `KeepFormat: true`, we will accept dates in the RFC1123 and RFC3339Nano formats and keep them in the same format. Any other formats will be converted into an empty string.
+- If `Input = []`, the field will be converted into an empty string, since there are no allowed input formats.
+
+```go
+s := sanitizer.New(sanitizer.OptionDateFormat{
+    Input: []string{
+        time.RFC3339,
+        time.RFC3339Nano,
+    },
+    KeepFormat: false,
+    Output:     time.RFC1123,
+})
+```
+
+
 ## Available tags
 
 ### string
@@ -49,8 +94,10 @@ func main() {
 1. **title** - First character of every word is changed to uppercase, the rest to lowercase
 1. **cap** - Only the first letter of the string will be changed to uppercase, the rest to lowercase
 1. **def=`<n>`** (only available for pointers) - Sets a default `<n>` value in case the pointer is `nil`
+1. **xss** - Will remove brackets such as <>[](){} and the characters !=? from the string
+1. **date** - Will parse the string using the input formats provided in the options and print it using the output format provided in the options. If the string can not be parsed, it will be left empty.
 
-The order of precedence will be: **trim** -> **max** -> **lower**
+The order of precedence will be: **xss** -> **trim** -> **date** -> **max** -> **lower** -> **upper** -> **title** -> **cap**
 
 
 ### int, uint, and float

options.go

@@ -3,7 +3,7 @@ package sanitize
 // Option represents an optional setting for the sanitizer library
 type Option interface {
 	id() string
-	value() string
+	value() interface{}
 }
 
 // OptionTagName allows users to use custom tag names for the structs
@@ -19,6 +19,27 @@ func (o OptionTagName) id() string {
 	return optionTagNameID
 }
 
-func (o OptionTagName) value() string {
+func (o OptionTagName) value() interface{} {
 	return o.Value
 }
+
+// OptionDateFormat allows users to specify what date formats are accepted
+// as input and what is expected as output. You can choose to force the date
+// to be parsed in a different format, or keep the original format
+type OptionDateFormat struct {
+	Input      []string
+	KeepFormat bool
+	Output     string
+}
+
+var _ Option = OptionDateFormat{}
+
+const optionDateFormatID = "date-format"
+
+func (o OptionDateFormat) id() string {
+	return optionDateFormatID
+}
+
+func (o OptionDateFormat) value() interface{} {
+	return o
+}

options_test.go

@@ -13,7 +13,7 @@ func (o unknownOption) id() string {
 	return "strangetag!"
 }
 
-func (o unknownOption) value() string {
+func (o unknownOption) value() interface{} {
 	return "very strange indeed"
 }
 

sanitize.go

@@ -13,7 +13,10 @@ const DefaultTagName = "san"
 
 // Sanitizer intance
 type Sanitizer struct {
-	tagName string
+	tagName        string
+	dateInput      []string
+	dateKeepFormat bool
+	dateOutput     string
 }
 
 // New sanitizer instance
@@ -24,13 +27,18 @@ func New(options ...Option) (*Sanitizer, error) {
 	for _, o := range options {
 		switch o.id() {
 		case optionTagNameID:
-			v := o.value()
+			v := o.value().(string)
 			if len(v) < 1 || len(v) > 10 {
 				return nil, fmt.Errorf("tag name %q must be between 1 and 10 characters", v)
 			}
 			s.tagName = v
+		case optionDateFormatID:
+			v := o.value().(OptionDateFormat)
+			s.dateInput = v.Input
+			s.dateKeepFormat = v.KeepFormat
+			s.dateOutput = v.Output
 		default:
-			return nil, fmt.Errorf("tag name %q is not valid", o.value())
+			return nil, fmt.Errorf("option %q is not valid", o.id())
 		}
 	}
 	return s, nil

sanitize_test.go

@@ -3,9 +3,10 @@ package sanitize
 import (
 	"reflect"
 	"testing"
+	"time"
 )
 
-func Test_Sanitize_Simple(t *testing.T) {
+func Test_Sanitize_CodeSample(t *testing.T) {
 	type Dog struct {
 		Name  string  `san:"max=5,trim,lower"`
 		Breed *string `san:"def=unknown"`
@@ -44,6 +45,41 @@ func Test_Sanitize_Simple(t *testing.T) {
 	}
 }
 
+func Test_Sanitize_Options(t *testing.T) {
+	type Dog struct {
+		Name            string `abcde:"max=5,trim,lower"`
+		Birthday        string `abcde:"date"`
+		PersonalWebsite string `abcde:"xss,trim"`
+	}
+
+	now := time.Now()
+
+	d := Dog{
+		Name:            "Borky Borkins",
+		Birthday:        now.Format(time.RFC3339),
+		PersonalWebsite: "<html>[head]1=1?;{/head}(/html)",
+	}
+
+	expected := Dog{
+		Name:            "borky",
+		Birthday:        now.Format(time.RFC850),
+		PersonalWebsite: "html head 1 1 /head /html",
+	}
+
+	s, _ := New(
+		OptionTagName{Value: "abcde"},
+		OptionDateFormat{
+			Input:  []string{time.RFC3339},
+			Output: time.RFC850,
+		},
+	)
+	s.Sanitize(&d)
+
+	if !reflect.DeepEqual(d, expected) {
+		t.Errorf("Sanitize() - got %+v but wanted %+v", d, expected)
+	}
+}
+
 func Test_Sanitize(t *testing.T) {
 
 	type TestStruct struct {

string.go

@@ -2,8 +2,10 @@ package sanitize
 
 import (
 	"reflect"
+	"regexp"
 	"strconv"
 	"strings"
+	"time"
 )
 
 // sanitizeStrField sanitizes a string field. Requires the whole
@@ -46,7 +48,14 @@ func sanitizeStrField(s Sanitizer, structValue reflect.Value, idx int) error {
 			field = field.Elem()
 		}
 
-		// Trim must happen first, no matter what other components there are.
+		// Let's strip out invalid characters before anything else
+		if _, ok := tags["xss"]; ok {
+			oldStr := field.String()
+			field.SetString(xss(oldStr))
+		}
+
+		// Trim must happen before the other tags, no matter what other
+		// components there are.
 		if _, ok := tags["trim"]; ok {
 			// Ignore value of this component, we don't care *how* to trim,
 			// we just trim.
@@ -55,6 +64,10 @@ func sanitizeStrField(s Sanitizer, structValue reflect.Value, idx int) error {
 		}
 
 		// Apply rest of transforms
+		if _, ok := tags["date"]; ok {
+			oldStr := field.String()
+			field.SetString(date(s.dateInput, s.dateKeepFormat, s.dateOutput, oldStr))
+		}
 		if _, ok := tags["max"]; ok {
 			max, err := strconv.ParseInt(tags["max"], 10, 32)
 			if err != nil {
@@ -65,7 +78,6 @@ func sanitizeStrField(s Sanitizer, structValue reflect.Value, idx int) error {
 				field.SetString(oldStr[0:max])
 			}
 		}
-
 		if _, ok := tags["lower"]; ok {
 			oldStr := field.String()
 			field.SetString(strings.ToLower(oldStr))
@@ -132,3 +144,27 @@ func toCap(s string) string {
 	}
 	return string(b)
 }
+
+var replaceWhitespaces = regexp.MustCompile(`\s\s+`)
+var blacklistStripping = regexp.MustCompile(`[\p{Me}\p{C}<>=;(){}\[\]?]`)
+
+func xss(s string) string {
+	s = blacklistStripping.ReplaceAllString(s, " ")
+	s = replaceWhitespaces.ReplaceAllString(s, " ")
+	return s
+}
+
+func date(in []string, keepFormat bool, out, v string) string {
+	for _, f := range in {
+		t, err := time.Parse(f, v)
+		if err != nil {
+			continue
+		}
+		outf := f
+		if !keepFormat {
+			outf = out
+		}
+		return t.Format(outf)
+	}
+	return ""
+}