Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@middy/http-multipart-body-parser
Advanced tools
Http event normalizer middleware for the middy framework
HTTP json body parser middleware for the middy framework, the stylish Node.js middleware engine for AWS Lambda
You can read the documentation at: https://middy.js.org/docs/middlewares/http-multipart-body-parser
Automatically parses HTTP requests with content type multipart/form-data
and converts the body into an
object. Also handles gracefully broken JSON as UnprocessableEntity (422 errors)
if used in combination with httpErrorHandler
.
It can also be used in combination with validator so that the content can be validated.
Note: by default this is going to parse only events that contain the header Content-Type
(or content-type
) set to multipart/form-data
. If you want to support different casing for the header name (e.g. Content-type
) then you should use the httpHeaderNormalizer
middleware before this middleware.
To install this middleware you can use NPM:
npm install --save @middy/http-multipart-body-parser
busboy
(object) (default {}
): it can be used to pass extraparameters to the internal busboy
instance at creation time. Checkout the official documentation for more information on the supported options.Note: this middleware will buffer all the data as it is processed internally by busboy
, so, if you are using this approach to parse significantly big volumes of data, keep in mind that all the data will be allocated in memory. This is somewhat inevitable with Lambdas (as the data is already encoded into the JSON in memory as Base64), but it's good to keep this in mind and evaluate the impact on you application.
If you really have to deal with big files, then you might also want to consider to allowing your users to directly upload files to S3
import middy from '@middy/core'
import httpHeaderNormalizer from '@middy/http-header-normalizer'
import httpMultipartBodyParser from '@middy/http-multipart-body-parser'
const handler = middy((event, context) => {
return {}
})
handler
.use(httpHeaderNormalizer())
.use(httpMultipartBodyParser())
// invokes the handler
const event = {
headers: {
'Content-Type': 'multipart/form-data; boundary=----WebKitFormBoundaryppsQEwf2BVJeCe0M'
},
body: 'LS0tLS0tV2ViS2l0Rm9ybUJvdW5kYXJ5cHBzUUV3ZjJCVkplQ2UwTQ0KQ29udGVudC1EaXNwb3NpdGlvbjogZm9ybS1kYXRhOyBuYW1lPSJmb28iDQoNCmJhcg0KLS0tLS0tV2ViS2l0Rm9ybUJvdW5kYXJ5cHBzUUV3ZjJCVkplQ2UwTS0t',
isBase64Encoded: true
}
handler(event, {}, (_, body) => {
t.is(body,{ foo: 'bar' })
})
For more documentation and examples, refers to the main Middy monorepo on GitHub or Middy official website.
Everyone is very welcome to contribute to this repository. Feel free to raise issues or to submit Pull Requests.
Licensed under MIT License. Copyright (c) 2017-2022 Luciano Mammino, will Farrell, and the Middy team.
FAQs
Http event normalizer middleware for the middy framework
The npm package @middy/http-multipart-body-parser receives a total of 9,436 weekly downloads. As such, @middy/http-multipart-body-parser popularity was classified as popular.
We found that @middy/http-multipart-body-parser demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.