Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
express-request-checker
Advanced tools
Readme
Create request checker middleware for Express.
with express-request-checker, checking HTTP request's query
, body
or url params
will be more easy and readable. All the works is just require
express-request-checker in router.js
which belongs to an Express project and config it. So it's no need to modify any other source file.
Since validation codes are written in a config-like way, router.js
file will look like an API document, I hope that the communication cost within the development team can be reduced.
router.js
is also an API document.// router.js
var express = require('express');
var reqCheckerModule = require('express-request-checker');
var reqChecker = reqCheckerModule.requestChecker;
var router = express.Router();
var options = {
strict: false, // Allow unexpected parameter. (true|false, DEFAULT: true)
query: { // Check req.query. (params|query|body)
'param1': {
matchRegExp: /^[0-9]{1}$/
},
'param2': {
isIn: [1, 2, 3],
isOptional: true // Optional parameter. (true|false, DEFAULT: false)
}
}
};
router.get('/path', reqChecker(options), handlerFunction);
module.exports = router;
# router.coffee
express = require 'express'
reqCheckerModule = require 'express-request-checker'
reqChecker = reqCheckerModule.requestChecker
router = express.Router()
options =
strict: false # Allow unexpected parameter. (true|false, DEFAULT: true)
query: # Check req.query. (params|query|body)
'param1':
matchRegExp: /^[0-9]{1}$/
'param2':
isIn: [1, 2, 3]
isOptional: true # Optional parameter. (true|false, DEFAULT: false)
router.get '/path', reqChecker(options), handlerFunction
module.exports = router
// router.js
var express = require('express');
var reqCheckerModule = require('express-request-checker');
var reqChecker = reqCheckerModule.requestChecker;
var router = express.Router();
var validator = require('validator');
var options = {
params: {
'id': {
assertTrue: validator.isInt
}
},
body: {
'email': {
assertTrue: validator.isEmail
},
'jsonData': {
assertTrue: validator.isJSON
}
}
};
router.post('/user/:id', reqChecker(options), handlerFunction);
module.exports = router;
Option | Default Value |
---|---|
strict | true |
Option | Default Value |
---|---|
isOptional | false |
assertTrue | [] |
assertFalse | [] |
matchRegExp | [] |
isIn | [] |
notIn | [] |
isInteger | null |
isEmail | null |
isArray | null |
isIntegerArray | null |
equal | null |
greaterThan | null |
greaterEqual | null |
lessThan | null |
lessEqual | null |
allowEmpty | false |
minLength | null |
maxLangth | null |
function
, [function, function ...]
or []
. (DEFAULT: []
- No checker)
Using parameter in request as function(s)'s argument, if the function(s) return true
,OK. Otherwise, NG.
Example:
option = {
query: {
param1: {
assertTrue: [function(value) { return value > 10; }]
}
}
}
Opposite to assertTrue
.
RegExp
, [RegExp, RegExp ...]
or []
. (DEFAULT: []
- Don't check)
If the RegExp(s) test result is true
, OK. Otherwise, NG.
Example:
option = {
query: {
param1: {
matchRegExp: [/^[012]{1}$/, /^[234]{1}$/]
}
}
}
[value, value, ...]
or []
. (DEFAULT: []
- Don't check)
Values of parameter in request which are allowed.
Example:
option = {
query: {
param1: {
isIn: [1, 2, 3]
}
}
}
Opposite to isIn
.
true
or false
. (DEFALT:null
- Don't care)
when true
, The value of parameter in request must be an integer
.
when false
, The value of parameter in request must NOT be an integer
.
Example:
option = {
query: {
param1: {
isInteger: true
}
}
}
true
or false
. (DEFALT:null
- Don't care)
when true
, The value of parameter in request must be an correct email address.
when false
, The value of parameter in request must NOT be an email address.
Example:
option = {
query: {
param1: {
isEmail: true
}
}
}
true
or false
. (DEFALT:null
- Don't care)
when true
, The value of parameter in request must be an Array or stringified Array.
when false
, The value of parameter in request must NOT be an Array or stringified Array.
Example:
option = {
query: {
param1: {
isArray: true
}
}
}
true
or false
. (DEFALT:null
- Don't care)
when true
, The value of parameter in request must be an Array or stringified Array whose elements are all integers.
when false
, The value of parameter in request must NOT be an Array or stringified Array whose elements are all integers.
Example:
option = {
query: {
param1: {
isIntegerArray: true
}
}
}
integer
or null
. (DEFALT:null
- Don't care)
The value of parameter in request must be equal/greaterThan/greaterEqual/lessThan/lessEqual to the option value.
Example:
option = {
query: {
param1: {
equal: 100
}
}
}
true
or false
. (DEFAULT: false
)
when setted true
, The value of parameter in request can be ''
.
when setted true
, The value of parameter in request can NOT be ''
.
Example:
option = {
query: {
param1: {
isEmpty: false
}
}
}
integer
or null
. (DEFALT:null
- Don't care)
Max/Min Length of the value of parameter in request.
Example:
option = {
query: {
param1: {
minLength: 5,
maxLength: 10
}
}
}
npm install express-request-checker
cd node_modules/express-request-checker
npm test
FAQs
Express request checker extension.
The npm package express-request-checker receives a total of 13 weekly downloads. As such, express-request-checker popularity was classified as not popular.
We found that express-request-checker demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.