Sifter.FullText.Sanitizers.Strict (Sifter v0.2.0)
Strict sanitizer for raw tsquery operations with defense-in-depth security.
This sanitizer implements aggressive filtering that provides multiple layers of protection against the SQL wildcard attacks documented by OWASP and against PostgreSQL tsquery injection vulnerabilities.
Security Features
- Input length limitations to prevent DoS attacks
- Aggressive character filtering to remove wildcards and special characters
- Term count limitations to prevent query complexity attacks
- Minimum term length requirements to prevent wildcard-like behavior
- Only allows alphanumeric characters
- Automatically appends the prefix-matching operator (:*) to valid terms
Usage
iex> Sifter.FullText.Sanitizers.Strict.sanitize_tsquery("validation system")
"validation:* & system:*"
iex> Sifter.FullText.Sanitizers.Strict.sanitize_tsquery("'; DROP TABLE --")
""
iex> Sifter.FullText.Sanitizers.Strict.sanitize_tsquery("a")
""
iex> Sifter.FullText.Sanitizers.Strict.sanitize_tsquery("test123 data-mining")
"test123:* & datamining:*"
Summary
Functions
Sanitizes a search term for safe use with raw tsquery operations.
Validates if a sanitized search query is safe and non-empty.
Functions
Sanitizes a search term for safe use with raw tsquery operations.
This function implements defense-in-depth security measures including:
- Limits total query length to 100 characters
- Limits to maximum 10 search terms
- Removes all special characters including wildcards (%, _, ., -, etc.)
- Requires minimum 2 character term length
- Limits final processed terms to 5
- Only allows alphanumeric characters
- Joins terms with ' & ' for AND logic
- Appends ':*' for prefix matching
Parameters
term - The search term to sanitize (binary or other)
Returns
A sanitized tsquery string ready for use with PostgreSQL's to_tsquery() function, or empty string for invalid/unsafe input.
Validates if a sanitized search query is safe and non-empty.
Parameters
sanitized_query - The query string to validate
Returns
true if the query is safe and non-empty, false otherwise.
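The two functions above, as an added walkthrough in Elixir that reimplements the documented rules (this is not Sifter's own code). The page lists the limits but not how "'; DROP TABLE --" yields "" while "data-mining" merely loses its hyphen, so the example assumes input containing a quote, semicolon or comment sequence is rejected outright, and that "alphanumeric" means ASCII letters and digits; the module name, the regexes and the reject rule are assumptions.

```elixir
defmodule StrictTsqueryWalkthrough do
  # Limits as stated in the sanitize_tsquery/1 documentation above.
  @max_query_length 100
  @max_input_terms 10
  @min_term_length 2
  @max_output_terms 5

  # Assumption (not stated on the page): input containing a quote, a semicolon
  # or a SQL comment sequence is rejected as a whole. This is what makes the
  # documented "'; DROP TABLE --" -> "" example hold while "data-mining" only
  # has its hyphen stripped.
  @reject_pattern ~r/['";]|--/

  def sanitize_tsquery(term) when is_binary(term) do
    cond do
      String.length(term) > @max_query_length -> ""
      Regex.match?(@reject_pattern, term) -> ""
      true ->
        term
        |> String.split(~r/\s+/, trim: true)
        |> Enum.take(@max_input_terms)
        # Only ASCII alphanumerics survive; %, _, ., - and the rest are dropped.
        |> Enum.map(&String.replace(&1, ~r/[^A-Za-z0-9]/, ""))
        |> Enum.filter(&(String.length(&1) >= @min_term_length))
        |> Enum.take(@max_output_terms)
        |> Enum.map_join(" & ", &(&1 <> ":*"))
    end
  end

  # Anything that is not a binary cannot be sanitized, so it is treated as unsafe.
  def sanitize_tsquery(_non_binary), do: ""

  # Accepts only the exact shape sanitize_tsquery/1 produces: one or more
  # alphanumeric terms, each suffixed with :*, joined by " & ".
  @safe_shape ~r/^[A-Za-z0-9]+:\*( & [A-Za-z0-9]+:\*)*$/
  def safe_query?(q) when is_binary(q) and q != "", do: Regex.match?(@safe_shape, q)
  def safe_query?(_), do: false
end

# Walk the documented examples and show the gate a caller applies before the
# string reaches to_tsquery. Even a sanitized value should be passed as a bound
# parameter, e.g. fragment("? @@ to_tsquery(?)", p.tsv, ^q) in Ecto, never
# interpolated into the SQL text.
for input <- ["validation system", "'; DROP TABLE --", "a", "test123 data-mining"] do
  q = StrictTsqueryWalkthrough.sanitize_tsquery(input)
  IO.puts(~s(#{inspect(input)} -> #{inspect(q)} safe? #{StrictTsqueryWalkthrough.safe_query?(q)}))
end
```

Running the script reproduces the four outputs from the Usage section, with safe_query?/1 returning true only for the two non-empty results.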