Security News
Opengrep Emerges as Open Source Alternative Amid Semgrep Licensing Controversy
Opengrep forks Semgrep to preserve open source SAST in response to controversial licensing changes.
By Sarah Gooding - Jan 28, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
express-form-data
Advanced tools
express-form-data
Module to parse multipart/form data. Based on connect-multiparty
Install
npm install express-form-data
Example
const formData = require("express-form-data");
const express = require("express");
const os = require("os");
const app = express();
/**
* Options are the same as multiparty takes.
* But there is a new option "autoClean" to clean all files in "uploadDir" folder after the response.
* By default, it is "false".
*/
const options = {
uploadDir: os.tmpdir(),
autoClean: true
};
// parse data with connect-multiparty.
app.use(formData.parse(options));
// delete from the request all empty files (size == 0)
app.use(formData.format());
// change the file objects to fs.ReadStream
app.use(formData.stream());
// union the body and the files
app.use(formData.union());
After this we can see in req:
- req.files = {...} all files
- req.body = {...} all data including files (or streams if you use .stream())
FAQs
Module to parse multipart/form data
The npm package express-form-data receives a total of 11,777 weekly downloads. As such, express-form-data popularity was classified as popular.
We found that express-form-data demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 29 Dec 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
By Sarah Gooding - Jan 24, 2025
Security News
cURL Project and Go Security Teams Reject CVSS as Broken
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
By Sarah Gooding - Jan 24, 2025