huginn

Crates.io	huginn
lib.rs	huginn
version	1.0.0
created_at	2025-01-31 21:32:56.716214+00
updated_at	2025-04-06 19:50:52.356694+00
description	Secure input validation and sanitization library with extensible architecture
homepage	https://github.com/xvi-xv-xii-ix-xxii-ix-xiv/huginn
repository	https://github.com/xvi-xv-xii-ix-xxii-ix-xiv/huginn
max_upload_size
id	1537850
size	93,375

Ingvar (xvi-xv-xii-ix-xxii-ix-xiv)

documentation

https://docs.rs/huginn/0.9.0-rc.1/huginn/

README

🛡️ Huginn - Secure Input Validation Library for Rust

A high-performance, thread-safe input validation library with multi-level security checks and customizable sanitization rules. Designed for secure handling of user-provided data in mission-critical applications.

Features ✨

Military-grade sanitization
Block XSS, SQLi, path traversal, and other injection attacks
Zero-copy processing
Optimized for maximum performance with minimal allocations
Thread-safe architecture
Built with Arc and Send + Sync for concurrent workloads
Custom rule engine
Create domain-specific validation logic with trait-based system
Smart encoding detection
Auto-handle URL-encoded and hex-encoded payloads
Serde integration
(Optional) Serialize/deserialize validation results

Installation 📦

Add to your Cargo.toml:

[dependencies]
huginn = "0.9.0-rc.1"
# For serde support:
huginn = { version = "0.9.0-rc.1", features = ["serde"] }

Usage

Basic Validation

use huginn::{SecurityConfig, ValidationError, validation::{Validator, sanitize_and_validate}};

struct EmailValidator;

impl Validator<String> for EmailValidator {
    fn validate(&self, input: &str) -> Result<String, ValidationError> {
        // Custom validation logic
        if input.contains('@') {
            Ok(input.to_string())
        } else {
            Err(ValidationError::InvalidFormat {
                target_type: "email"
            })
        }
    }

    fn target_type(&self) -> &'static str {
        "email"
    }
}

fn main() {
    let config = SecurityConfig::default();
    let input = "user@example.com";

    match sanitize_and_validate(input, &EmailValidator, &config) {
        Ok(result) => println!("Valid: {}", result.cleaned),
        Err(e) => eprintln!("Validation failed: {}", e),
    }
}

Advanced Configuration

let config = SecurityConfig::builder()
    .add_forbidden_char('$')
    .add_blocked_pattern(r"(?i)password")
    .expect("Invalid regex pattern")
    .build();

let input = "P@ssw0rd123!";
let validator = PasswordValidator::new(12, true);

sanitize_and_validate(input, &validator, &config)?;

Validation Pipeline 🔄

Input Decoding
- Auto-detect and decode URL/hex encoding
Sanitization
- Remove forbidden characters using pattern matching
Pattern Blocking
- Check against 50+ built-in dangerous patterns
Custom Validation
- Execute domain-specific validation rules
Result Packaging
- Return both original and sanitized data

Documentation 📚

Full API reference available on docs.rs

License 📄

MIT License - See LICENSE for details

Commit count: 8