url-black-list v1.0.3
url-black-list
url-black-list is a JavaScript library for blocking specified URLs, which may include unicode, using IDNA|https://www.unicode.org/Public/idna/latest/IdnaMappingTable.txt and punycode|https://github.com/bestiejs/punycode.js.
Motivation
In my personal app, some evil users posted spam content with URLs. In the begining, I could treat with this kind of spam by implementing filter using black list to block some domains. But afterwards, they started putting URL that can bypass our filter but send victimes to the same location. For example, browsers transform "β°ππmπ le.πβ΄π" into "example.com" when you put it in address bar. And "β‘" can be transformed into "tel", even more amazingly, "γ" can be "γͺγγγ«". So the simple text matching based black list is not good solution for this method because they can generate numerous number of equivalent URLs ("β°ππmπ le.πβ΄π", "Eπamπ le.πβ΄π", "eππmπ le.coπ", "EXAMPLE.COM", "example.com" and so on) easily.
Installation
yarn add url-black-list
# or
npm install --save url-black-list
Examples
import { URLBlackList } from 'url-black-list';
const blackList = new URLBlackList();
blackList.add('example.com');
blackList.add('ππππ');
blackList.isValidText('example.com'); // false
blackList.isValidText('β°ππmπ
le.πβ΄π'); // false
blackList.isValidText('aaaa'); // false
blackList.isValidText('AAAA'); // false
blackList.isValidText('valid.domain.com'); // true
License
MIT