houdin

houdin

Route-level file type validation for hapi parsed in-memory multipart/form-data request payloads. Also works as a standalone module.

Table of Contents

• Installation
• Usage
  • validate(payload, options)
    • Hapi
    • Standalone
• Supported File Types

Installation

Install via NPM.

$ npm install houdin

Usage

validate(payload, options)

Validates all Buffer values in a payload given a whitelist of file types provided in the options. Throws a joi-like ValidationError if some file type is not allowed or unknown otherwise it returns the original payload.

Hapi

const Hapi = require('hapi');
const Houdin = require('houdin');

const server = new Hapi.Server({
    routes: {
        validate: {
            options: {
                whitelist: ['image/png']
            }
        }
    }
});

server.route({
    options: {
        validate: {
            // override the default `failAction` if you want further
            // details about the validation error
            failAction: (request, h, err) => {
                // throw the error as is
                throw err;
            },
            payload: Houdin.validate
        },
        payload: {
            output: 'data',
            parse: true
        }
    }
});

Standalone

const Houdin = require('houdin');

const options = { whitelist: ['image/png'] };
const png = Buffer.from('89504e470d0a1a0a', 'hex');

const payload = Houdin.validate({ file: png }, options);

console.log(payload); // { file: <Buffer 89 50 4e 47 0d 0a 1a 0a> }

const Houdin = require('houdin');

const options = { whitelist: ['image/png'] };
const gif = Buffer.from('474946383761', 'hex');

try {
    Houdin.validate({ file: gif }, options);
}
catch (err) {
    console.log(err); // [ValidationError: child "file" fails because ["file" type is not allowed]]
}

Supported File Types

The same as file-type.

Changelog

v5.0.2 (2018-03-05)

Full Changelog

Closed issues:

• hoek security issues #40

Merged pull requests:

• Update dependencies #41 (ruiquelhas)