Function: detectThreatPatterns()

detectThreatPatterns(input, config?): ThreatDetectionResult

Defined in: validators.ts:456 Run every enabled detector against input and aggregate findings. Returns early-but-not-immediately: each individual detector still runs to completion, but each detector returns at most one finding, so the aggregate threats array is small (≤ 6 entries). Non-string inputs (null, undefined, numbers, …) are treated as safe — wrap caller-side validation around this if you want to reject non-strings.

Parameters

input

string The candidate string.

config?

ThreatDetectionConfig = DEFAULT_CONFIG Detector toggles. Defaults turn on everything except command-injection.

Returns

ThreatDetectionResult { isSafe, threats }.

Example

const result = detectThreatPatterns(req.body.query);
if (!result.isSafe) return new Response(getThreatErrorMessage(result), { status: 400 });

ContainsXSSPatterns GetThreatErrorMessage

​Function: detectThreatPatterns()

​Parameters

​input

​config?

​Returns

​Example