Sanitize a string to be safe for use as a filename by removing directory paths and invalid characters.
var sanitize = require("sanitize-filename");
// Some string that may be unsafe or invalid as a filename
var UNSAFE_USER_INPUT = "~/.\u0000ssh/authorized_keys";
// Sanitize the string to be safe for use as a filename.
var filename = sanitize(UNSAFE_USER_INPUT);
// -> "~.sshauthorized_keys"sanitize-filename works by searching the input string for the following and removes them.
- Control characters (
0x00-0x1fand0x80-0x9f) - Reserved characters (
/?<>\:*|") - Unix reserved filenames (
.and..) - Windows reserved filenames (
CONPRNAUXNULCOM1COM2COM3COM4COM5COM6COM7COM8COM9LPT1LPT2LPT3LPT4LPT5LPT6LPT7LPT8andLPT9)
The return value is capped at 255 characters in length.
This guarantees that the resulting string does not contain directory
paths (no / or \ characters) and is a valid filename.
The return value will be safe for use as a filename on modern Windows,
OSX, and Unix file systems (NTFS, ext, etc.).
FAT 8.3 filenames are not supported.
The test program will attempt to use various strings (including the Big
List of Naughty Strings) to create files in the working
directory. Run npm test to run tests against your file system.
Note that two unique inputs can result in the same return value. For example:
var sanitize = require("sanitize-filename");
sanitize("file?")
// -> "file"
sanitize ("file*")
// -> "file"Note that the return value can be an empty string. For example:
var sanitize = require("sanitize-filename");
sanitize("..")
// -> ""Sanitize the input string filename by removing or replacing invalid
characters. options.replacement can be a string to replace characters
with.
npm install sanitize-filename