node-sanitize-filename icon indicating copy to clipboard operation
node-sanitize-filename copied to clipboard

Published 20 hours ago verified publisher icon parshap

Allow targetting specific file systems

Open parshap opened this issue 10 years ago • 14 comments

Currently given strings are sanitized against all known file systems' requirements. It would be nice to allow the user to specify the file system they need to protect against.

See discussion in #9.

Different operating systems and different filesystems have different rules about what is a valid filename. We could let the user pass in a "target" system (e.g., "windows", or "fat32") and only sanitize against that system's rule.

That said, I think the default behavior should still be to sanitize against all systems. It seems like a safe default for users that don't bother to look at the options. It also handles the common use case of naming files that will be shared across systems (e.g., files served via http).

parshap avatar Mar 19 '15 22:03 parshap

Hey @parshap, sorry for the prolonged silence. I wrote some tests for this and found it to be too complicated to even justify the feature. And since then I've wondered if anyone would actually need it as a feature. So I propose we close this issue and only re-open it if we get a request from someone.. what do you think?

joelmukuthu avatar Jul 31 '15 07:07 joelmukuthu

No problem! But let's keep the issue open.

parshap avatar Jul 31 '15 08:07 parshap

Cool :)

joelmukuthu avatar Jul 31 '15 09:07 joelmukuthu

Been over an year and no one has requested anything. Guess this can be closed now.

mrchief avatar Oct 27 '16 18:10 mrchief

If this project was overwhelmed with open issues I'd close it, but I'll leave it open so it's visible and can be discussed it if anyone has ideas or use cases.

parshap avatar Nov 08 '16 02:11 parshap

Hi I started to use this nice and simple package. But it seem to be a "windows only" package. I would have liked to know in advance.

Its far to restrictive for *nix systems, where almost all characters are legal and used in filenames (even wildcards and quotes)

It should IMO at least have a global option, or even better, check with os.platform()

Best regards Simon Riget

paragi avatar Oct 22 '18 09:10 paragi

You could add something like this:

if( os.platform() != 'win32' ) retun name.replace(//:null/g, '')

paragi avatar Oct 22 '18 09:10 paragi

Hi @paragi. If you use os.platform() to determine how you sanitize you may be hurting users that are on a different platform than you. For example, an application running in a unix environment may want to be generating file names that are safe for use by Windows users.

I think an option for users to optionally specify what target systems to sanitize for (defaulting to all) would be great. Would you be interested in implementing that?

parshap avatar Oct 23 '18 03:10 parshap

Hi @parshap I understand your concern. The real issue is that windows sanitizing is extremely complex, where as everyone else is simple.

Application are often meant for a specific purpose, on a specific platform. Therefore I subscribe to the view that; a library/module should default to support the platform its running on. Windows file name restrictions would curb common filenames used on unix systems.

I would suggest something like this:

if( os.platform() != 'win32' )
        // in unix, only \x00 and path chars (/ .. ~) are illegal.
        return name.replace(/[\/\x00\~]/g, '').replace(/[.]{2,}/g, '');

Even wildcards pipe and quotes are legal. (if a little awkward at times :)

An option to sanitize more, and for windows compability, would of cause be nice :)

paragi avatar Oct 23 '18 08:10 paragi

Yes, sanitizing for Windows is complex, but it already works well here. Changing this would be breaking for existing users and I think creating filenames that are safe for use across platforms is a common use case so we should continue to support that. I'm open to adding Unix-only sanitization as an option, but I am not open to changing the default behavior.

parshap avatar Oct 23 '18 18:10 parshap

I respect that, and I thank you for a nice and easy to use tool, for windows filenames.

paragi avatar Oct 23 '18 18:10 paragi

It's not just OSes; one could use this package to sanitize filenames before storing in a database or before outputting on HTML pages. So I wouldn't tie this package up to file systems specifically.

Note: I'm aware of this package being node only, but given it's generic nature, this can easily be transformed into a UMD package. I would actually vote for that - make this isomorphic!

mrchief avatar Oct 23 '18 19:10 mrchief

Indeed! This package already works in a browser context via Browserify, Webpack, etc. In fact we run real browsers tests in CI via Sauce Labs: https://github.com/parshap/node-sanitize-filename/blob/0d21bf13be419fcde5bc3f241672bd29f7e72c63/.travis.yml#L46

See also #37.

parshap avatar Oct 24 '18 00:10 parshap

My use-case for FAT32 filenames is that it's still kind of the lowest common denominator in terms of OS support. As such, Linux distributions often default to FAT32 for formatting flash drives (NTFS is not supported by macOS and I believe there may be legal issues with exFAT).

As such, I would love to be able to produce filenames that are FAT32-compatible.

12people avatar Mar 11 '23 13:03 12people