Route-level file type validation for hapi parsed in-memory request payloads
Route-level file type validation for hapi parsed in-memory multipart/form-data request payloads. Also works as a standalone module.
Install via NPM.
$ npm install houdin
validate(payload, options)Validates all Buffer values in a payload given a whitelist of file types provided in the options. Throws a joi-like ValidationError if some file type is not allowed or unknown otherwise it returns the original payload.
const Hapi = require('hapi');
const Houdin = require('houdin');
const server = new Hapi.Server({
routes: {
validate: {
options: {
whitelist: ['image/png']
}
}
}
});
server.route({
options: {
validate: {
// override the default `failAction` if you want further
// details about the validation error
failAction: (request, h, err) => {
// throw the error as is
throw err;
},
payload: Houdin.validate
},
payload: {
output: 'data',
parse: true
}
}
});
const Houdin = require('houdin');
const options = { whitelist: ['image/png'] };
const png = Buffer.from('89504e470d0a1a0a', 'hex');
const payload = Houdin.validate({ file: png }, options);
console.log(payload); // { file: <Buffer 89 50 4e 47 0d 0a 1a 0a> }
const Houdin = require('houdin');
const options = { whitelist: ['image/png'] };
const gif = Buffer.from('474946383761', 'hex');
try {
Houdin.validate({ file: gif }, options);
}
catch (err) {
console.log(err); // [ValidationError: child "file" fails because ["file" type is not allowed]]
}
The same as file-type.
FAQs
Route-level file type validation for hapi parsed in-memory request payloads
The npm package houdin receives a total of 23 weekly downloads. As such, houdin popularity was classified as not popular.
We found that houdin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.