Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
fastify-raw-body
Advanced tools
Adds the raw body to the Fastify request object.
npm i fastify-raw-body
Plugin version | Fastify version |
---|---|
^2.0.0 | ^2.0.0 |
^3.0.0 | ^3.0.0 |
^4.0.0 | ^4.0.0 |
This plugin will add the request.rawBody
.
It will get the data using the preParsing
hook.
import Fastify from 'fastify'
const app = Fastify()
await app.register(import('fastify-raw-body'), {
field: 'rawBody', // change the default request.rawBody property name
global: false, // add the rawBody to every request. **Default true**
encoding: 'utf8', // set it to false to set rawBody as a Buffer **Default utf8**
runFirst: true, // get the body before any preParsing hook change/uncompress it. **Default false**
routes: [] // array of routes, **`global`** will be ignored, wildcard routes not supported
})
app.post('/', {
config: {
// add the rawBody to this route. if false, rawBody will be disabled when global is true
rawBody: true
},
handler (req, reply) {
// req.rawBody the string raw body
reply.send(req.rawBody)
}
})
Note
You need toawait
the plugin registration to make sure the plugin is ready to use. All the routes defined before the plugin registration will be ignored. This change has been introduced in Fastify v4.
Warning
Settingglobal: false
and then the route configuration{ config: { rawBody: true } }
will save memory of your server since therawBody
is a copy of thebody
and it will double the memory usage.
So use it only for the routes that you need to.
It is important to know that setting encoding: false
will run addContentTypeParser
to add a content type parser for application/json
.
This is needed since the default content type parser will set the encoding of the request stream to { parseAs: 'string' }
.
If you haven't customized this component, it will be secure as the original one since secure-json-parse
is used under the hood.
Copyright Manuel Spigolon, Licensed under MIT.
FAQs
Request raw body
The npm package fastify-raw-body receives a total of 71,656 weekly downloads. As such, fastify-raw-body popularity was classified as popular.
We found that fastify-raw-body demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.