VAF
Vant Application Firewall - input validation.
What
VAF validates all input:
- Type checking
- Length limits
- Path traversal
- Shell characters
- Word stacking
Check
Validate input:
const vaf = require('./lib/vaf');
vaf.check('input', { type: 'string', maxLength: 500 });
Options
| Option | What |
|---|---|
| type | string, number, object, array |
| maxLength | Max length |
| pattern | Regex pattern |
| required | Must be present |
Blocked Patterns
VAF blocks:
| Pattern | Example |
|---|---|
| Path traversal | ../etc/passwd |
| Shell chars | ; rm -rf |
| Env vars | $HOME |
| Word stacking | vant vant vant |
Configuration
vaf.configure({
maxLength: 50000,
blockPathTraversal: true,
blockShellChars: true,
blockEnvVars: true
});
Integration
VAF runs on all inputs:
// All storage operations go through VAF
brain.write('category', 'file', content);