Class InputValidator
Namespace: Belay.Core.Security
Assembly: Belay.Core.dll
Provides input validation and sanitization for MicroPython code execution. Protects against command injection, malicious code patterns, and unsafe operations.
public static class InputValidatorInheritance
Inherited Members
object.Equals(object?), object.Equals(object?, object?), object.GetHashCode(), object.GetType(), object.MemberwiseClone(), object.ReferenceEquals(object?, object?), object.ToString()
Remarks
This validator focuses on defensive security for MicroPython device communication. It identifies and blocks common injection attack patterns while allowing legitimate Python code to execute safely.
Key protection areas:
- Command injection via escaped quotes and shell metacharacters
- File system manipulation outside of intended scope
- Network access and subprocess execution
- Binary data exfiltration and protocol manipulation
- Resource exhaustion and infinite loops
Methods
CreateSafeCodeFromTemplate(string, IReadOnlyDictionary<string, object?>)
Creates a safe Python code template with validated parameter substitution.
Validates that a parameter name is safe for Python code generation.
SanitizePythonString(string?, bool)
Sanitizes a string for safe use in Python string literals. Enhanced version of the existing EscapePythonString method.
ValidateCode(string, bool, bool)
Validates Python code input for security risks and injection attempts.
ValidateCode(string, SecurityConfiguration)
Validates Python code input for security risks and injection attempts using a security configuration.