File type validation for hapi raw in-memory multipart/form-data request payloads.
Like most modern magicians, builds on the work, knowledge and influence of others before it, in this case, copperfield.
Install via NPM.
$ npm install blaine
Register the package as a server plugin to enable validation for each route that does not parse — parse: false — into memory, the request payload — output: 'data'. For every other route with a different configuration, the validation is skipped.
If the validation fails, a joi-like 400 Bad Request error is returned alongside an additional content-validation: failure response header. If everything is ok, the response will ultimately contain a content-validation: success header.
Also, if the Content-Type request header is not multipart/form-data, a 415 Unsupported Media Type error is returned, but in this case, without any additional response header.
const Hapi = require('hapi');
const Blaine = require('blaine');
try {
const server = new Hapi.Server();
await server.register({
plugin: Blaine,
options: {
// Allow png files only
whitelist: ['image/png']
}
});
server.route({
// go nuts
options: {
payload: {
output: 'data',
parse: false
}
// go nuts
}
});
await server.start();
}
catch (err) {
throw err;
}
The same as file-type.
v6.0.0 (2017-11-11)
Closed issues:
Merged pull requests:
FAQs
File type validation for hapi raw in-memory request payloads
The npm package blaine receives a total of 0 weekly downloads. As such, blaine popularity was classified as not popular.
We found that blaine demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
AGENTS.md is a fast-growing open format giving AI coding agents a shared, predictable way to understand project setup, style, and workflows.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.