0.2.1

- Added feature to run the validator on arbitrary strings in addition to the direct Express render integration.
- Bumped Node support matrix to 16 and 18.
- Various dependencies bumped.

Author: kethinov

.github/workflows/.ci.yml

@@ -5,7 +5,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        node-version: [14.x, 16.x]
+        node-version: [16.x, 18.x]
         os: [ubuntu-latest, macos-latest, windows-latest]
     steps:
       - uses: actions/checkout@v3

CHANGELOG.md

@@ -4,6 +4,12 @@
 
 - Put your changes here...
 
+## 0.2.1
+
+- Added feature to run the validator on arbitrary strings in addition to the direct Express render integration.
+- Bumped Node support matrix to 16 and 18.
+- Various dependencies bumped.
+
 ## 0.2.0
 
 - Various dependencies bumped.

README.md

@@ -29,6 +29,30 @@ app.get('/', (req, res) => {
 })
 ```
 
+You can also run the validator on arbitrary strings outide of the Express context:
+
+```js
+const config = {}
+const expressValidator = require('express-html-validator')(config)
+
+const someHtml = `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta http-equiv="X-UA-Compatible" content="IE=edge">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Some HTML that will not validate</title>
+</head>
+<body>
+  <p>hello world</p></p>
+</body>
+</html>`
+
+const validationResult = expressValidator(someHtml)
+```
+
+Since the example HTML is not valid, if you display the contents of `validationResult` in a browser, you will see validation errors.
+
 ## Configuration
 
 Optionally you can pass this module a set of configs:

index.js

@@ -10,8 +10,17 @@ const { HtmlValidate } = require('html-validate')
 const validatorErrorPage = fs.readFileSync(path.join(__dirname, 'templates/errorPage.html'))
 
 module.exports = (app, params) => {
-  params = params || {}
-  const render = app.response.render
+  if (app.hasOwnProperty('listen') || typeof app.listen === 'function') {
+    params = params || {} // two arguments
+  } else {
+    params = app // one argument
+    app = null
+  }
+
+  let render
+  if (app) {
+    render = app.response.render
+  }
   let resModel
 
   // sanitize config
@@ -71,91 +80,100 @@ module.exports = (app, params) => {
   // instantiate the validator module
   const htmlValidate = new HtmlValidate(rules)
 
-  // use some method overload trickery to store a usable model reference
-  app.response.render = function (view, model, callback) {
-    // store a reference to the model if exceptions are being used and a model was set
-    if (model && typeof model === 'object') {
-      resModel = model
-    }
+  function validate (body, res) {
+    // run the validator against the response body
+    const report = htmlValidate.validateString(body)
 
-    render.apply(this, arguments)
-  }
+    if (!report.valid) {
+      const errorMap = new Map()
+      let parsedErrors = ''
+
+      for (const error of report.results[0].messages) {
+        const message = escapeHtmlEntities(error.message)
+
+        // first line is error message
+        parsedErrors += `${message}\n`
 
-  // validate responses under the right conditions
-  app.use(tamper((req, res) => {
-    /**
-     * Skip validation when:
-     * - HTTP status is not 200 (don't validate error pages)
-     * - content-type is not text/html (don't validate non-HTML responses)
-     * - No exception applies
-     */
-    if (res.statusCode === 200 && res.getHeader('Content-Type') && res.getHeader('Content-Type').includes('text/html') && !validatorExceptions(req, res)) {
-      // start validating the response body
-      return body => {
-        // run the validator against the response body
-        const report = htmlValidate.validateString(body)
-
-        if (!report.valid) {
-          const errorMap = new Map()
-          let parsedErrors = ''
-
-          for (const error of report.results[0].messages) {
-            const message = escapeHtmlEntities(error.message)
-
-            // first line is error message
-            parsedErrors += `${message}\n`
-
-            // next line is line and column numbers
-            parsedErrors += `At line ${error.line}, column ${error.column}\n\n`
-
-            // add error message and line number to map
-            errorMap.set(error.line, error.message)
-          }
-
-          const errorList = `<h2>Errors:</h2>\n<code class="validatorErrors">${parsedErrors}</code>`
-
-          // start building out stylized markup block
-          let formattedHTML = '<pre class=\'markup\'>\n<code class="language-html">\n'
-          const markupArray = body.split('\n')
-
-          // add line number highlighting for detected errors
-          for (let i = 0; i < markupArray.length; i++) {
-            const markupLine = markupArray[i]
-            if (errorMap.has(i + 1)) {
-              formattedHTML += `<span title='${errorMap.get(i + 1)}' class='line-numbers error'>`
-              formattedHTML += Prism.highlight(`${markupLine}`, Prism.languages.markup)
-              formattedHTML += '</span>'
-            } else {
-              formattedHTML += '<span class=\'line-numbers\'>'
-              formattedHTML += Prism.highlight(`${markupLine}`, Prism.languages.markup)
-              formattedHTML += '</span>'
-            }
-          }
-
-          // cap off the stylized markup blocks
-          formattedHTML += '</code>\n</pre>'
-          formattedHTML = `<h2>Markup used:</h2>\n${formattedHTML}`
-
-          // use 500 status for the validation error
-          res.status(500)
-
-          // build a model that includes error data, markup, and styling
-          const model = {
-            prismStyle: prismStyleSheet.toString(),
-            preWidth: markupArray.length.toString().length * 8,
-            errors: errorList,
-            markup: formattedHTML,
-            rawMarkup: body
-          }
-
-          // parse error page template and replace response body with it
-          body = template(validatorErrorPage, model)
+        // next line is line and column numbers
+        parsedErrors += `At line ${error.line}, column ${error.column}\n\n`
+
+        // add error message and line number to map
+        errorMap.set(error.line, error.message)
+      }
+
+      const errorList = `<h2>Errors:</h2>\n<code class="validatorErrors">${parsedErrors}</code>`
+
+      // start building out stylized markup block
+      let formattedHTML = '<pre class=\'markup\'>\n<code class="language-html">\n'
+      const markupArray = body.split('\n')
+
+      // add line number highlighting for detected errors
+      for (let i = 0; i < markupArray.length; i++) {
+        const markupLine = markupArray[i]
+        if (errorMap.has(i + 1)) {
+          formattedHTML += `<span title='${errorMap.get(i + 1)}' class='line-numbers error'>`
+          formattedHTML += Prism.highlight(`${markupLine}`, Prism.languages.markup)
+          formattedHTML += '</span>'
+        } else {
+          formattedHTML += '<span class=\'line-numbers\'>'
+          formattedHTML += Prism.highlight(`${markupLine}`, Prism.languages.markup)
+          formattedHTML += '</span>'
         }
+      }
+
+      // cap off the stylized markup blocks
+      formattedHTML += '</code>\n</pre>'
+      formattedHTML = `<h2>Markup used:</h2>\n${formattedHTML}`
+
+      // use 500 status for the validation error
+      if (res) {
+        res.status(500)
+      }
 
-        return body
+      // build a model that includes error data, markup, and styling
+      const model = {
+        prismStyle: prismStyleSheet.toString(),
+        preWidth: markupArray.length.toString().length * 8,
+        errors: errorList,
+        markup: formattedHTML,
+        rawMarkup: body
       }
+
+      // parse error page template and replace response body with it
+      body = template(validatorErrorPage, model)
     }
-  }))
+
+    return body
+  }
+
+  if (app) {
+    // use some method overload trickery to store a usable model reference
+    app.response.render = function (view, model, callback) {
+      // store a reference to the model if exceptions are being used and a model was set
+      if (model && typeof model === 'object') {
+        resModel = model
+      }
+
+      render.apply(this, arguments)
+    }
+
+    // validate responses under the right conditions
+    app.use(tamper((req, res) => {
+      /**
+       * Skip validation when:
+       * - HTTP status is not 200 (don't validate error pages)
+       * - content-type is not text/html (don't validate non-HTML responses)
+       * - No exception applies
+       */
+      if (res.statusCode === 200 && res.getHeader('Content-Type') && res.getHeader('Content-Type').includes('text/html') && !validatorExceptions(req, res)) {
+        return (body) => {
+          return validate(body, res)
+        }
+      }
+    }))
+  }
+
+  return validate // export validate function for general use
 }
 
 /*