AntiLdapInjection 1.0.0

There is a newer version of this package available.
See the version list below for details.

Anti-LDAP Injection


A .NET library that provides protection against LDAP Injection.

Most of the code was extracted from the LDAP Encoder in Microsoft's AntiXss library (v4.3), which is no longer maintained.

Installation

The latest AntiLdapInjection package is available for installation on NuGet. Use any of the client tool commands listed below to install the package.

Install package using dotnet CLI

dotnet add package AntiLdapInjection

Install package using NuGet Package Manager

Install-Package AntiLdapInjection

Install package using PackageReference

For projects that support PackageReference, copy this XML node into the project file to reference the package.

<PackageReference Include="AntiLdapInjection" Version="x.x.x" />

Be sure to replace x.x.x with an appropriate Version.

Usage

FilterEncode

FilterEncode encodes input according to RFC 4515: unsafe values are converted to \XX, where XX is the hexadecimal representation of the unsafe character.

Example: opening/closing parenthesis

string filter = "Parens R Us (for all your parenthetical needs)";
string encoded = LdapEncoder.FilterEncode(filter);
Console.WriteLine(encoded); // "Parens R Us \28for all your parenthetical needs\29"

Example: asterisk in search filter

string filter = "*";
string encoded = LdapEncoder.FilterEncode(filter);
Console.WriteLine(encoded); // "\2A"

Example: backslash in search filter

string filter = @"C:\MyFile";
string encoded = LdapEncoder.FilterEncode(filter);
Console.WriteLine(encoded); // "C:\5CMyFile"

Example: accents in search filter

string filter = "Lučić";
string encoded = LdapEncoder.FilterEncode(filter);
Console.WriteLine(encoded); // "Lu\C4\8Di\C4\87"
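
The snippets above encode a value in isolation. The following added example (not part of the package's README) places the value inside a complete search filter and compares plain concatenation with FilterEncode. The `AntiLdapInjection` namespace, the filter template, the attribute names and the `Shape` helper are assumptions made for illustration.

```csharp
using System;
using AntiLdapInjection; // assumption: the namespace matches the package name

public static class FilterDemo
{
    // Vulnerable form: the user-supplied value is concatenated unchanged.
    public static string BuildUnsafe(string user) =>
        "(&(objectClass=person)(uid=" + user + "))";

    // Hardened form: the value is encoded per RFC 4515 before concatenation.
    public static string BuildSafe(string user) =>
        "(&(objectClass=person)(uid=" + LdapEncoder.FilterEncode(user) + "))";

    // Counts literal '(' and '*' characters in a filter string. FilterEncode
    // emits these as \28 and \2A (see the examples above), so an encoded
    // value contributes nothing to either count.
    public static (int Components, int Wildcards) Shape(string filter)
    {
        int components = 0, wildcards = 0;
        foreach (char c in filter)
        {
            if (c == '(') components++;
            else if (c == '*') wildcards++;
        }
        return (components, wildcards);
    }

    public static void Main()
    {
        // Constructed inputs; the special characters are the ones used in
        // the README examples above.
        string[] inputs = { "jsmith", "*", "Parens R Us (for all your parenthetical needs)" };

        // Shape of the filter as the developer wrote it, with a harmless value.
        var intended = Shape(BuildUnsafe("x"));

        foreach (string input in inputs)
        {
            string unsafeFilter = BuildUnsafe(input);
            string safeFilter = BuildSafe(input);
            Console.WriteLine($"input : {input}");
            Console.WriteLine($"unsafe: {unsafeFilter}  changed={!Shape(unsafeFilter).Equals(intended)}");
            Console.WriteLine($"safe  : {safeFilter}  changed={!Shape(safeFilter).Equals(intended)}");
        }
    }
}
```

A `changed=True` line means the input altered the filter's structure (an extra component or a wildcard match) instead of being treated as a literal value.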

DistinguishedNameEncode

DistinguishedNameEncode encodes input according to RFC 2253: unsafe characters are converted to #XX, where XX is the hexadecimal representation of the unsafe character, and the comma, plus, quote, backslash, less-than and greater-than signs are escaped using backslash notation (\X). In addition, a space or octothorpe (#) at the beginning of the input string is escaped with a backslash, as is a space at the end of the string.

Example: distinguished name slash notation

string dn = @", + "" \ < >";
string encoded = LdapEncoder.DistinguishedNameEncode(dn);
Console.WriteLine(encoded); // "\, \+ \" \\ \< \>"

Example: leading space in distinguished name

string dn = " Hello";
string encoded = LdapEncoder.DistinguishedNameEncode(dn);
Console.WriteLine(encoded); // "\ Hello"

Example: trailing space in distinguished name

string dn = "Hello ";
string encoded = LdapEncoder.DistinguishedNameEncode(dn);
Console.WriteLine(encoded); // "Hello\ "

Example: octothorpe character in distinguished name

string dn = "#Hello";
string encoded = LdapEncoder.DistinguishedNameEncode(dn);
Console.WriteLine(encoded); // "\#Hello"

Example: accents in distinguished name

string dn = "Lučić";
string encoded = LdapEncoder.DistinguishedNameEncode(dn);
Console.WriteLine(encoded); // "Lu#C4#8Di#C4#87"

Initial and final character overrides

You have the option to turn off the initial or final character escaping rules. This is useful, for example, when you are concatenating an escaped distinguished name fragment into the middle of a complete distinguished name.

DistinguishedNameEncode(
    string input,
    bool useInitialCharacterRules,
    bool useFinalCharacterRule)

In addition to the RFC mandated escaping, the safe list excludes the characters listed under the LDAP escape sequences section.
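
As an added example (not from the package's README), the following shows when each overload applies: the default rules when the input is the whole attribute value, and both overrides turned off when the input sits between fixed text inside the value. The `AntiLdapInjection` namespace, the directory suffix, the DN templates and the `CountRdns` helper are assumptions made for illustration.

```csharp
using System;
using AntiLdapInjection; // assumption: the namespace matches the package name

public static class DnDemo
{
    const string BaseDn = "ou=People,dc=example,dc=com"; // constructed suffix

    // The input is the whole attribute value, so the default rules apply:
    // a leading space or '#' and a trailing space are escaped.
    public static string PersonDn(string commonName) =>
        "cn=" + LdapEncoder.DistinguishedNameEncode(commonName) + "," + BaseDn;

    // The input sits between fixed text, so its first and last characters
    // are not the first and last characters of the attribute value.
    public static string TeamDn(string team) =>
        "cn=team " + LdapEncoder.DistinguishedNameEncode(team, false, false)
        + " admins," + BaseDn;

    // Counts RDNs by splitting on commas that are not backslash-escaped.
    public static int CountRdns(string dn)
    {
        int count = 1;
        bool escaped = false;
        foreach (char c in dn)
        {
            if (escaped) escaped = false;
            else if (c == '\\') escaped = true;
            else if (c == ',') count++;
        }
        return count;
    }

    public static void Main()
    {
        // Constructed inputs; each contains a character covered by the
        // escaping rules described above.
        foreach (string input in new[] { "Smith, John", " Hello", "#Hello", "Hello " })
        {
            string person = PersonDn(input);
            string team = TeamDn(input);
            // Both templates have 4 RDNs (cn, ou, dc, dc); a different
            // count means the input changed the structure of the DN.
            Console.WriteLine($"{person}  rdns={CountRdns(person)}");
            Console.WriteLine($"{team}  rdns={CountRdns(team)}");
        }
    }
}
```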

LDAP injection resources

Similar libraries

Similar libraries providing protections against LDAP injection, not necessarily in .NET.

Node.js

ldap-escape

ldap-escape is an npm package that provides template literal tag functions for LDAP filters and distinguished names to prevent LDAP injection attacks.

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp1.0 was computed.  netcoreapp1.1 was computed.  netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard1.1 is compatible.  netstandard1.2 was computed.  netstandard1.3 was computed.  netstandard1.4 was computed.  netstandard1.5 was computed.  netstandard1.6 was computed.  netstandard2.0 was computed.  netstandard2.1 was computed. 
.NET Framework net45 was computed.  net451 was computed.  net452 was computed.  net46 was computed.  net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen30 was computed.  tizen40 was computed.  tizen60 was computed. 
Universal Windows Platform uap was computed.  uap10.0 was computed. 
Windows Phone wpa81 was computed. 
Windows Store netcore was computed.  netcore45 was computed.  netcore451 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 

NuGet packages (1)

Showing the top 1 NuGet packages that depend on AntiLdapInjection:

Package Downloads
Quaero.Ldap

Package Description

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.1.4 33,453 5/20/2022
1.1.3 398 5/20/2022
1.1.2 440 5/18/2022
1.1.1 408 5/18/2022
1.1.0 380 1/6/2022
1.0.9 3,581 6/13/2021
1.0.8 355 2/26/2021
1.0.7 569 2/8/2021
1.0.6 352 2/5/2021
1.0.5 332 2/5/2021
1.0.4 338 2/5/2021
1.0.3 321 2/4/2021
1.0.2 320 2/3/2021
1.0.1 352 2/3/2021
1.0.0 344 2/3/2021
1.0.0-pre 224 2/1/2021