Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
body-parser
Advanced tools
What is body-parser?
The body-parser package is a Node.js middleware that parses incoming request bodies before your handlers, available under the req.body property. It is commonly used to parse JSON, raw, text, and URL-encoded form data.
What are body-parser's main functionalities?
JSON Body Parsing
This feature allows the server to accept and parse incoming requests with JSON payloads, making the parsed data available under req.body.
const express = require('express');
const bodyParser = require('body-parser');
const app = express();
app.use(bodyParser.json());
app.post('/json', (req, res) => {
res.send(req.body);
});URL-Encoded Form Data Parsing
This feature is used to parse payloads from forms submitted via HTTP POST. The 'extended' option allows for rich objects and arrays to be encoded into the URL-encoded format, allowing for a JSON-like experience with URL-encoded forms.
const express = require('express');
const bodyParser = require('body-parser');
const app = express();
app.use(bodyParser.urlencoded({ extended: true }));
app.post('/form', (req, res) => {
res.send(req.body);
});Raw Body Parsing
This feature lets the server accept raw data in the request body, useful for parsing bodies that are not text-based, like binary data streams.
const express = require('express');
const bodyParser = require('body-parser');
const app = express();
app.use(bodyParser.raw({ type: 'application/vnd.custom-type' }));
app.post('/raw', (req, res) => {
res.send(req.body);
});Text Body Parsing
This feature allows parsing text bodies, such as plain text or HTML, from the request body.
const express = require('express');
const bodyParser = require('body-parser');
const app = express();
app.use(bodyParser.text({ type: 'text/html' }));
app.post('/text', (req, res) => {
res.send(req.body);
});Other packages similar to body-parser
multer
Multer is a middleware for handling 'multipart/form-data', primarily used for uploading files. It is different from body-parser as it is specialized for file upload scenarios.
formidable
Formidable is a Node.js module for parsing form data, especially file uploads. It can handle multiple file uploads and supports file size limits, making it more feature-rich for handling forms than body-parser.
busboy
Busboy is a streaming parser for HTML form data for Node.js. It is faster and more efficient for large file uploads compared to body-parser, which does not handle file streams.
koa-body
Designed for the Koa framework, koa-body is a full-featured body parser middleware. It supports multipart, urlencoded, and json request bodies and provides additional features like file uploads, making it a more comprehensive solution than body-parser for Koa applications.
body-parser 
Node.js body parsing middleware.
This only handles urlencoded and json bodies.
For multipart bodies, you may be interested in the following modules:
Other body parsers you might be interested in:
Installation
$ npm install body-parser
API
var express = require('express')
var bodyParser = require('body-parser')
var app = express()
// parse application/json and application/x-www-form-urlencoded
app.use(bodyParser())
// parse application/vnd.api+json as json
app.use(bodyParser.json({ type: 'application/vnd.api+json' }))
app.use(function (req, res, next) {
console.log(req.body) // populated!
next()
})
bodyParser(options)
Returns middleware that parses both json and urlencoded.
The options are passed to both middleware, except type.
bodyParser.json(options)
Returns middleware that only parses json. The options are:
strict- only parse objects and arrays. (default:true)limit- maximum request body size. (default:<100kb>)reviver- passed toJSON.parse()type- request content-type to parse (default:json)verify- function to verify body content
The type argument is passed directly to the type-is library. This can be an extension name (like json), a mime type (like application/json), or a mime time with a wildcard (like */json).
The verify argument, if supplied, is called as verify(req, res, buf, encoding), where buf is a Buffer of the raw request body and encoding is the encoding of the request. The parsing can be aborted by throwing an error.
The reviver argument is passed directly to JSON.parse as the second argument. You can find more information on this argument in the MDN documentation about JSON.parse.
bodyParser.urlencoded(options)
Returns middleware that only parses urlencoded with the qs module. The options are:
limit- maximum request body size. (default:<100kb>)type- request content-type to parse (default:urlencoded)verify- function to verify body content
The type argument is passed directly to the type-is library. This can be an extension name (like urlencoded), a mime type (like application/x-www-form-urlencoded), or a mime time with a wildcard (like */x-www-form-urlencoded).
The verify argument, if supplied, is called as verify(req, res, buf, encoding), where buf is a Buffer of the raw request body and encoding is the encoding of the request. The parsing can be aborted by throwing an error.
req.body
A new body object containing the parsed data is populated on the request object after the middleware.
License
The MIT License (MIT)
Copyright (c) 2014 Jonathan Ong me@jongleberry.com
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Node.js body parsing middleware
The npm package body-parser receives a total of 0 weekly downloads. As such, body-parser popularity was classified as not popular.
We found that body-parser demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 27 May 2014
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
By Sarah Gooding - Feb 06, 2025
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025