Rename validateObject function to ensureNoUnsafeProperties

elastic · Dec 21, 2020 · 4261fbe · 4261fbe
1 parent b9185ee
commit 4261fbe
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 8 deletions.
diff --git a/..._snapshots__/validate_object.test.ts.snap → .../ensure_no_unsafe_properties.test.ts.snap b/..._snapshots__/validate_object.test.ts.snap → .../ensure_no_unsafe_properties.test.ts.snap
diff --git a/packages/kbn-std/src/validate_object.test.ts → ...d/src/ensure_no_unsafe_properties.test.ts b/packages/kbn-std/src/validate_object.test.ts → ...d/src/ensure_no_unsafe_properties.test.ts
@@ -17,14 +17,14 @@
  * under the License.
  */
 
-import { validateObject } from './validate_object';
+import { ensureNoUnsafeProperties } from './ensure_no_unsafe_properties';
 
 test(`fails on circular references`, () => {
   const foo: Record<string, any> = {};
   foo.myself = foo;
 
   expect(() =>
-    validateObject({
+    ensureNoUnsafeProperties({
       payload: foo,
     })
   ).toThrowErrorMatchingInlineSnapshot(`"circular reference detected"`);
@@ -57,7 +57,7 @@ test(`fails on circular references`, () => {
       [property]: value,
     };
     test(`can submit ${JSON.stringify(obj)}`, () => {
-      expect(() => validateObject(obj)).not.toThrowError();
+      expect(() => ensureNoUnsafeProperties(obj)).not.toThrowError();
     });
   });
 });
@@ -74,6 +74,6 @@ test(`fails on circular references`, () => {
   JSON.parse(`{ "foo": { "bar": { "constructor": { "prototype" : null } } } }`),
 ].forEach((value) => {
   test(`can't submit ${JSON.stringify(value)}`, () => {
-    expect(() => validateObject(value)).toThrowErrorMatchingSnapshot();
+    expect(() => ensureNoUnsafeProperties(value)).toThrowErrorMatchingSnapshot();
   });
 });
diff --git a/packages/kbn-std/src/validate_object.ts → ...bn-std/src/ensure_no_unsafe_properties.ts b/packages/kbn-std/src/validate_object.ts → ...bn-std/src/ensure_no_unsafe_properties.ts
@@ -31,7 +31,7 @@ const hasOwnProperty = (obj: any, property: string) =>
 const isObject = (obj: any) => typeof obj === 'object' && obj !== null;
 
 // we're using a stack instead of recursion so we aren't limited by the call stack
-export function validateObject(obj: any) {
+export function ensureNoUnsafeProperties(obj: any) {
   if (!isObject(obj)) {
     return;
   }

diff --git a/packages/kbn-std/src/index.ts b/packages/kbn-std/src/index.ts
@@ -27,5 +27,5 @@ export { withTimeout } from './promise';
 export { isRelativeUrl, modifyUrl, getUrlOrigin, URLMeaningfulParts } from './url';
 export { unset } from './unset';
 export { getFlattenedObject } from './get_flattened_object';
-export { validateObject } from './validate_object';
+export { ensureNoUnsafeProperties } from './ensure_no_unsafe_properties';
 export * from './rxjs_7';
diff --git a/src/core/server/http/http_tools.ts b/src/core/server/http/http_tools.ts
@@ -29,7 +29,7 @@ import Hoek from '@hapi/hoek';
 import type { ServerOptions as TLSOptions } from 'https';
 import type { ValidationError } from 'joi';
 import uuid from 'uuid';
-import { validateObject } from '@kbn/std';
+import { ensureNoUnsafeProperties } from '@kbn/std';
 import { HttpConfig } from './http_config';
 
 const corsAllowedHeaders = ['Accept', 'Authorization', 'Content-Type', 'If-None-Match', 'kbn-xsrf'];
@@ -69,7 +69,7 @@ export function getServerOptions(config: HttpConfig, { configureTLS = true } = {
         // This is a default payload validation which applies to all LP routes which do not specify their own
         // `validate.payload` handler, in order to reduce the likelyhood of prototype pollution vulnerabilities.
         // (All NP routes are already required to specify their own validation in order to access the payload)
-        payload: (value) => Promise.resolve(validateObject(value)),
+        payload: (value) => Promise.resolve(ensureNoUnsafeProperties(value)),
       },
     },
     state: {