New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@companieshouse/web-security-node
Advanced tools
@companieshouse/web-security-node - npm Package Compare versions
Comparing version 4.2.0 to 4.2.1
| import { SessionStore } from '@companieshouse/node-session-handler'; | ||
| import { RequestHandler } from 'express'; | ||
| import { Request, RequestHandler } from 'express'; | ||
| export declare const defaultCsrfTokenFactory: () => string; | ||
@@ -14,1 +14,2 @@ export interface CsrfOptions { | ||
| export declare const CsrfProtectionMiddleware: (csrfOptions: CsrfOptions) => RequestHandler; | ||
| export declare const extractFields: (req: Request) => void; |
@@ -15,3 +15,3 @@ "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.CsrfProtectionMiddleware = exports.defaultCsrfTokenFactory = void 0; | ||
| exports.extractFields = exports.CsrfProtectionMiddleware = exports.defaultCsrfTokenFactory = void 0; | ||
| const node_session_handler_1 = require("@companieshouse/node-session-handler"); | ||
@@ -23,2 +23,3 @@ const SessionKey_1 = require("@companieshouse/node-session-handler/lib/session/keys/SessionKey"); | ||
| const uuid_1 = require("uuid"); | ||
| const busboy_1 = __importDefault(require("busboy")); | ||
| const errors_1 = require("./errors"); | ||
@@ -45,2 +46,5 @@ const APP_NAME = 'web-security-node'; | ||
| try { | ||
| if (isContentTypeMultiPartFormData(req)) { | ||
| (0, exports.extractFields)(req); | ||
| } | ||
| if (!req.session) { | ||
@@ -95,1 +99,14 @@ logger.error(`${appName} - handler: Session object is missing!`); | ||
| }; | ||
| const isContentTypeMultiPartFormData = (req) => { | ||
| var _a; | ||
| return !!((_a = req.headers['content-type']) === null || _a === void 0 ? void 0 : _a.includes('multipart/form-data')); | ||
| }; | ||
| const extractFields = (req) => { | ||
| const busboy = (0, busboy_1.default)({ | ||
| headers: req.headers, | ||
| }); | ||
| busboy.on('field', (fieldname, value) => { | ||
| req.body[fieldname] = value; | ||
| }); | ||
| }; | ||
| exports.extractFields = extractFields; |
| { | ||
| "name": "@companieshouse/web-security-node", | ||
| "version": "4.2.0", | ||
| "version": "4.2.1", | ||
| "description": "Middleware for chs authentication", | ||
@@ -23,2 +23,3 @@ "main": "dist/index.js", | ||
| "@companieshouse/structured-logging-node": "~2.0.1", | ||
| "busboy": "^1.6.0", | ||
| "express-async-handler": "^1.2.0", | ||
@@ -28,2 +29,3 @@ "uuid": "^9.0.1" | ||
| "devDependencies": { | ||
| "@types/busboy": "^1.5.4", | ||
| "@types/chai": "^4.2.11", | ||
@@ -30,0 +32,0 @@ "@types/express": "^4.17.6", |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by2.22%
34753
- Lines of code
- increased by4.85%
389
Worsened metrics
- Dependency count
- increased by25%
5
- Dev dependency count
- increased by5.56%
19
Dependency changes
+ Addedbusboy@^1.6.0
+ Addedbusboy@1.6.0(transitive)
+ Addedstreamsearch@1.1.0(transitive)