Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
check-params
Advanced tools
check-params
Validates url, body, and query parameters for Express
Please ★ this repo if you found it useful ★ ★ ★
Features
- Check body params
- Check query params
- Check url params
Installation
$ npm install --save check-params
Dependencies
Usage
var checkParams = require('check-params');
module.exports = {
exampleController: function(req, res) {
checkParams(req, {
queryParams: [
'hello',
'foo'
]
}).then(function() {
res.json({
message: 'Yaaaay, I have everything I need!!!'
});
}).catch(function(err) {
console.warn(err);
res.status(err.code).json({
message: err.message
});
});
}
};
Now, if I enter the following url . . .
http://myserver.com/example?hello=world&foo=bar
. . . I get the following response.
{
"message": "Yaaaay, I have everything I need!!!"
}
However, if I enter the following url, without the query params . . .
http://myserver.com/example
. . . I get the following response.
{
"message": "You are missing the query params 'hello', and 'foo'."
}
If you do not put in the required parameters, you will get a response asking for them.
More Details
The checkParams function recieves three properties. The last property, options, is optional.
checkParams(
req, // the request object
{
urlParams: [], // an array of required url params
bodyParams: [], // an array of required body params
queryParams: [] // an array of required query params
},
{ // the options property is not required
distictChar: '\'', // the default character to distinguish missing parameters in the error message
oxfordComma: true // whether to use oxford comma's when separating lists
}
);
The checkParams function always returns as a promise. It is also good to note, that the err response has a property called code. This contains the suggested response status code.
Support
Submit an issue
Buy Me Coffee
A ridiculous amount of coffee was consumed in the process of building this project.
Add some fuel if you'd like to keep me going!
Contributing
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature - Commit your changes:
git commit -m 'Add some feature' - Push to the branch:
git push origin my-new-feature - Submit a pull request :D
License
Jam Risser © 2017
Credits
- Jam Risser - Author
Changelog
0.3.0 (2017-06-28)
- Removed message response
0.1.0 (2016-10-25)
- Beta release
FAQs
Validates url, body, and query parameters for Express
The npm package check-params receives a total of 0 weekly downloads. As such, check-params popularity was classified as not popular.
We found that check-params demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 28 Jun 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025