Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
nestjs-form-data
Advanced tools
nestjs-form-data is a [NestJS](https://github.com/nestjs/nest) middleware for handling multipart/form-data, which is primarily used for uploading files. - Process files and strings, serialize form-data to object - Process files in nested objects - Integra
nestjs-form-data is a NestJS middleware for handling multipart/form-data, which is primarily used for uploading files.
nestjs-form-data serializes the form-data request into an object and places it in the body of the request.
The files in the request are transformed into objects.
Standard file storage types:
$ npm install nestjs-form-data
Add the module to your application
@Module({
imports: [
NestjsFormDataModule,
],
})
export class AppModule {
}
Apply @FormDataRequest()
decorator to your controller method
@Controller()
export class NestjsFormDataController {
@Post('load')
@FormDataRequest()
getHello(@Body() testDto: FormDataTestDto): void {
console.log(testDto);
}
}
If you are using class-validator describe dto and specify validation rules
export class FormDataTestDto {
@IsFile()
@MaxFileSize(1e6)
@HasMimeType(['image/jpeg', 'image/png'])
avatar: MemoryStoredFile;
}
You can set the global configuration when connecting the module using the NestjsFormDataModule.config
method:
@Module({
imports: [
NestjsFormDataModule.config({ storage: MemoryStoredFile }),
],
controllers: [],
providers: [],
})
export class AppModule {
}
Or pass the config object while using the decorator on the method
@Controller()
export class NestjsFormDataController {
@Post('load')
@FormDataRequest({storage: MemoryStoredFile})
getHello(@Body() testDto: FormDataTestDto): void {
console.log(testDto);
}
}
storage
- The type of storage logic for the uploaded file (Default MemoryStoredFile)fileSystemStoragePath
- The path to the directory for storing temporary files, used only for storage: FileSystemStoredFile
(Default: /tmp/nestjs-tmp-storage)autoDeleteFile
- Automatically delete files after the request ends (Default true)limits
- busboy limits configuration. Constraints in this declaration are handled at the serialization stage, so using these parameters is preferable for performance.MemoryStoredFile
The file is loaded into RAM, files with this storage type are very fast but not suitable for processing large files.
FileSystemStoredFile
The file is loaded into a temporary directory (see configuration) and is available during the processing of the request. The file is automatically deleted after the request finishes
You can define a custom type of file storage, for this, inherit your class from StoredFile
, see examples in the storage directory
By default, several validators are available with which you can check the file
@IsFile()
- Checks if the value is an uploaded file
@IsFiles()
- Checks an array of files
@MaxFileSize()
- Maximum allowed file size
@MinFileSize()
- Minimum allowed file size
@HasMimeType()
- Check the mime type of the file
If you need to validate an array of files for size or otherwise, use each: true
property from ValidationOptions
Controller
import { FileSystemStoredFile, FormDataRequest } from 'nestjs-form-data';
@Controller()
export class NestjsFormDataController {
@Post('load')
@FormDataRequest({storage: FileSystemStoredFile})
getHello(@Body() testDto: FormDataTestDto): void {
console.log(testDto);
}
}
DTO
import { FileSystemStoredFile, HasMimeType, IsFile, MaxFileSize } from 'nestjs-form-data';
export class FormDataTestDto {
@IsFile()
@MaxFileSize(1e6)
@HasMimeType(['image/jpeg', 'image/png'])
avatar: FileSystemStoredFile;
}
import { FileSystemStoredFile, HasMimeType, IsFiles, MaxFileSize } from 'nestjs-form-data';
export class FormDataTestDto {
@IsFiles()
@MaxFileSize(1e6, { each: true })
@HasMimeType(['image/jpeg', 'image/png'], { each: true })
avatars: FileSystemStoredFile[];
}
FAQs
NestJS middleware for handling multipart/form-data, which is primarily used for uploading files
The npm package nestjs-form-data receives a total of 25,993 weekly downloads. As such, nestjs-form-data popularity was classified as popular.
We found that nestjs-form-data demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.