DEV Community

Nehonix Inc
Nehonix Inc

Posted on

Introducing Nehonix URI Processor: Simplify URI Validation and Security in TypeScript

#webdev #programming #javascript #typescript

Introducing Nehonix URI Processor: Simplify URI Validation and Security in TypeScript

Hey Dev.to community! 👋 I’m thrilled to share a project I’ve been working on: nehonix-uri-processor, a TypeScript library that makes URI validation, decoding, and security analysis a breeze. Whether you’re building a web app, securing an API, or conducting security tests, this library is here to help. Let’s dive in!

What is nehonix-uri-processor?

nehonix-uri-processor is a lightweight TypeScript library for handling URIs securely and efficiently. It’s packed with features to validate, decode, and analyze URIs, making it an essential tool for web developers and security researchers.

Key Features

  • Validate URIs: Check URIs against custom rules (e.g., HTTPS-only, max length).
  • Auto-Decode URIs: Automatically detect and decode encodings like Base64, percent encoding, and more.
  • Security Analysis: Identify potential vulnerabilities in URIs.
  • WAF Testing: Generate encoding variants to test Web Application Firewalls (WAFs).

The library is at version 2.1.3, published under the MIT License, so it’s free to use in any project!

Why I Built This

Handling URIs can be tricky—whether it’s validating user inputs, decoding encoded parameters, or checking for security risks. I often found myself writing repetitive code to handle these tasks, and existing solutions either lacked TypeScript support or were too complex. So, I created nehonix-uri-processor to simplify URI processing while keeping security in mind.

Getting Started

Installation

Install the library via npm:

npm i nehonix-uri-processor
Enter fullscreen mode Exit fullscreen mode

You’ll also need to install the punycode dependency:

npm install punycode
Enter fullscreen mode Exit fullscreen mode

A Quick Example

Here’s how you can use nehonix-uri-processor to decode a Base64-encoded URI parameter:

import { NehonixURIProcessor } from "nehonix-uri-processor";

// Decode a Base64-encoded query parameter
const encodedUri = "SGVsbG8gV29ybGQ="; // "Hello World" in Base64
const decoded = NehonixURIProcessor.autoDetectAndDecode(encodedUri);
console.log(decoded); // Outputs: "Hello World"
Enter fullscreen mode Exit fullscreen mode

This example uses the recommended autoDetectAndDecode method, which automatically detects the encoding (Base64 in this case) and decodes it to plaintext.

Use Case: Securing an API Endpoint

Let’s say you’re building an API that accepts URLs as query parameters. You want to validate and decode the URIs before processing them to avoid security issues. Here’s how nehonix-uri-processor can help:

import { NehonixURIProcessor } from "nehonix-uri-processor";

// Example API endpoint
async function handleRequest(queryParam: string) {
  try {
    // Decode the query parameter
    const decoded = NehonixURIProcessor.autoDetectAndDecode(queryParam);
    console.log("Decoded:", decoded);

    // Validate the URI (e.g., only allow HTTPS URLs)
    const isValid = NehonixURIProcessor.isValidUri(decoded, { httpsOnly: true });
    if (!isValid) {
      throw new Error("Invalid URI");
    }

    // Process the URI safely
    return { status: "success", data: decoded };
  } catch (error) {
    return { status: "error", message: error.message };
  }
}

// Test with an encoded URI
const result = handleRequest("https://example.com?data=SGVsbG8gV29ybGQ=");
console.log(result); // { status: "success", data: "https://example.com?data=Hello World" }
Enter fullscreen mode Exit fullscreen mode

This code ensures the URI is decoded and validated before being processed, reducing risks like injection attacks or malformed inputs.

What’s New in v2.1.3?

The latest version includes several improvements:

  • Added MIT License for open-source usage.
  • Fixed circular dependency issues for better reliability.
  • Improved decoding to handle edge cases (e.g., correctly converting Hello+World to Hello World).
  • Switched to named exports for a clearer API (import { NehonixURIProcessor } from "nehonix-uri-processor").

Try It Out!

You can install nehonix-uri-processor now and give it a try:

npm i nehonix-uri-processor
Enter fullscreen mode Exit fullscreen mode

For more examples and details, check out the documentation. I’d love to hear your feedback—let me know how it works for you in the comments! 😄

Contribute

Want to help make this library even better? Contributions are welcome! Fork the repo on GitHub and submit a pull request.

Thanks for reading! If you’re working on a project that involves URIs, I hope nehonix-uri-processor can save you some time and keep your app secure. Let’s discuss in the comments—what’s your go-to tool for URI handling?

Sentry
 Promoted

Billboard image

If seeing this in NextJS makes you đŸ€ź, get Sentry.

Try Sentry

Top comments (0)

Neon
 Promoted

Neon image

Next.js applications: Set up a Neon project in seconds

If you're starting a new project, Neon has got your databases covered. No credit cards. No trials. No getting in your way.

Get started →

👋 Kindness is contagious

Engage with a wealth of insights in this thoughtful article, cherished by the supportive DEV Community. Coders of every background are encouraged to bring their perspectives and bolster our collective wisdom.

A sincere “thank you” often brightens someone’s day—share yours in the comments below!

On DEV, the act of sharing knowledge eases our journey and forges stronger community ties. Found value in this? A quick thank-you to the author can make a world of difference.

Okay