Hey Dev.to community! 👋 I’m thrilled to share NehonixURIProcessor v2.2.0, a powerful TypeScript library designed for developers and security enthusiasts who need to validate, decode, and secure URIs like pros. Whether you’re building web apps, testing for vulnerabilities, or just wrestling with tricky URLs, this library has your back. Let’s dive into why it’s a game-changer and how you can start using it today!
A full documentation is availlable on lab.nehonix.space

What’s NehonixURIProcessor?

NehonixURIProcessor is a TypeScript-first library for URI processing, offering robust validation, encoding/decoding, and security analysis. It’s built for:

  • Security testing: Detect malicious patterns like XSS or SQL injection.
  • Web development: Validate URLs with fine-grained control.
  • Penetration testing: Analyze and decode complex URI encodings.

With version 2.2.0, we’ve leveled up the library with new features, better type safety, and enhanced documentation. Here’s the scoop!

Key Features in v2.2.0

1. Advanced URL Validation with checkUrl and asyncCheckUrl

The checkUrl (synchronous) and asyncCheckUrl (asynchronous) methods let you validate URLs against customizable rules. Need to ensure a URL uses HTTPS, has a specific hostname, or avoids duplicate query params? No problem!

import { NehonixURIProcessor as __processor__ } from "nehonix-uri-processor";

const result = await __processor__.asyncCheckUrl(
  "https://example.com?user=",
  {
    httpsOnly: true,
    detectMaliciousPatterns: true,
    customValidations: [["hostname", "===", "example.com"]],
  }
);

console.log(result.validationDetails.maliciousPatterns);
// Output: { isValid: false, message: "Malicious pattern detected", detectedPatterns: [{ type: "XSS", value: "", score: 90 }], ... }

New in 2.2.0: asyncCheckUrl now includes malicious pattern results in validationDetails.maliciousPatterns, making it easier to integrate with your security workflows.

2. Malicious Pattern Detection

Protect your app from attacks with detectMaliciousPatterns and needsDeepScan. These methods analyze URIs for threats like XSS or SQL injection, with configurable sensitivity.

const needsScan = __processor__.needsDeepScan(
  "https://example.com?user=admin' OR '1'='1"
);
console.log(needsScan); // true

const result = __processor__.detectMaliciousPatterns(
  "https://example.com?user=",
  { sensitivity: 1.0 }
);
console.log(result); // Detailed analysis with detected patterns

3. Auto-Detection and Decoding

Decode complex URIs effortlessly with autoDetectAndDecode or its async counterpart. It handles Base64, percent encoding, JWT, and more, even in nested scenarios.

const decoded = await __processor__.asyncAutoDetectAndDecode(
  "https://example.com?data=SGVsbG8gV29ybGQ="
);
console.log(decoded); // https://example.com?data=Hello World

4. Framework Integrations

Seamlessly integrate with Express or React:

  • Express Middleware: Block malicious URIs automatically.
  • React Hook: Validate URLs in your components with useNehonixShield. 
const SecurityDemo = () => {
  const { scanUrl } = useNehonixShield();
  const handleAnalyze = async () => {
    const result = await scanUrl("https://example.com?category=books");
    console.log(result);
  };
  return <button onClick={handleAnalyze}>Analyze URL</button>;
};

5. TypeScript Awesomeness

Version 2.2.0 brings enhanced type safety. The new AsyncUrlCheckResult type ensures maliciousPatterns lives in validationDetails, keeping your code clean and predictable.

type AsyncUrlCheckResult = Omit<UrlCheckResult, 'validationDetails'> & {
  validationDetails: UrlCheckResult['validationDetails'] & {
    maliciousPatterns?: { isValid?: boolean; message?: string; detectedPatterns?: DetectedPattern[]; ... };
  };
};

6. New Methods and Utilities

  • asyncIsUrlValid: Async URI validation for non-blocking workflows.
  • sanitizeInput: Strip malicious patterns (use cautiously, it’s still stabilizing).
  • __processor__ alias: Import NehonixURIProcessor as __processor__ for shorter code.

What’s New in v2.2.0?

  • Improved Type Structure: maliciousPatterns now resides in validationDetails for asyncCheckUrl, streamlining security result handling.
  • New Security Features: Added needsDeepScan and detectMaliciousPatterns for robust threat detection.
  • Better Docs: Updated readme.md and checkUrlMethod.md with clearer examples and detailed type info.
  • Fixed Bugs: Corrected analyzeUrl to scanUrl in React Hook examples and improved literalValue type safety.

Check out the full changelog for details!

Why You’ll Love It

  • Security-First: Built for detecting and preventing URI-based attacks.
  • Flexible: Supports custom validation rules, international characters, and framework integrations.
  • Developer-Friendly: TypeScript types, clear docs, and a short import alias (__processor__).
  • Open-Source: MIT-licensed, with a welcoming community for contributions.

Get Started in Minutes

  1. Install the library: 
npm install nehonix-uri-processor punycode
  1. Try a quick example: 
import { NehonixURIProcessor as __processor__ } from "nehonix-uri-processor";

   async function validateUrl() {
     const result = await __processor__.asyncCheckUrl(
       "https://example.com/login",
       {
         httpsOnly: true,
         detectMaliciousPatterns: true,
       }
     );
     console.log(result.isValid ? "Safe URL!" : "Potential threat detected!");
   }
   validateUrl();
  1. Explore the docs and GitHub repo for more.

Join the Community

I’d love for you to try NehonixURIProcessor and share your feedback! Whether you’re securing a web app, testing APIs, or decoding gnarly URIs, this library is here to help. Star the GitHub repo, open an issue, or contribute a feature. Let’s make the web safer together! 🚀

Have questions or ideas? Drop a comment below. Happy coding, Dev.to fam! 😎

TypeScript #JavaScript #Security #WebDevelopment #OpenSource