/** * Filename and Display Name Sanitization Utilities * Prevents path traversal attacks and filesystem issues * * This module provides: * - Filename sanitization for safe filesystem storage * - Display name sanitization for user-facing content * - Path traversal prevention * * @see https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html */ import type { SanitizeFileNameOptions, SanitizeDisplayNameOptions } from "../../types/index.js"; /** * Sanitize a filename for safe filesystem storage. * Removes characters that are invalid on various operating systems. * * @param filename - Raw filename to sanitize * @param options - Sanitization options * @returns Safe filename * @throws Error if filename is empty after sanitization * * @example * sanitizeFileName('my:file.txt'); * // Returns: 'my_file_name_.txt' * * @example * sanitizeFileName('../../../etc/passwd'); * // Returns: '______etc_passwd' * * @example * sanitizeFileName('malware.exe', { blockDangerousExtensions: true }); * // Throws: Error - dangerous extension */ export declare function sanitizeFileName(filename: string, options?: SanitizeFileNameOptions): string; /** * Sanitize a display name for safe user-facing display. * Removes control characters and limits length. * * @param name - Raw display name to sanitize * @param options - Sanitization options * @returns Safe display name * * @example * sanitizeDisplayName(' John\x00Doe '); * // Returns: 'John Doe' * * @example * sanitizeDisplayName('User'); * // Returns: 'User' */ export declare function sanitizeDisplayName(name: string, options?: SanitizeDisplayNameOptions): string; /** * Validate a display name strictly. * Only allows alphanumeric, spaces, and basic punctuation. * * @param name - Display name to validate * @returns true if valid, false otherwise * * @example * isValidDisplayName('John Doe'); // true * isValidDisplayName('John