You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 7-8.RSVP
Socket
Socket
Sign inDemoInstall

raw-body

Package Overview
Dependencies
4
Maintainers
2
Versions
49
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

raw-body

Get and validate the raw body of a readable stream.


Version published
Maintainers
2
Created

Package description

What is raw-body?

The raw-body npm package is used to obtain the raw body of an incoming stream and supports decoding, parsing, and handling of different encodings. It is commonly used in the context of HTTP server handling, where it can be used to read and parse request bodies before they are processed by request handlers or middleware.

What are raw-body's main functionalities?

Getting raw body from a stream

This code creates an HTTP server that uses raw-body to read the request body as a string. It takes into account the content length and encoding specified in the request headers.

const http = require('http');
const getRawBody = require('raw-body');

http.createServer((req, res) => {
  getRawBody(req, {
    length: req.headers['content-length'],
    encoding: 'utf8'
  }, function (err, string) {
    if (err) return res.end('Error');
    res.end('Received: ' + string);
  });
}).listen(3000);

Handling different encodings

This code demonstrates how to use raw-body to handle different text encodings by specifying the encoding option. The promise interface is used for asynchronous handling.

const getRawBody = require('raw-body');

function handleRequest(req) {
  return getRawBody(req, {
    encoding: 'utf8'
  }).then(body => {
    // body is now a string in utf8 encoding
  }).catch(err => {
    // handle error
  });
}

Limiting body size

This code shows how to limit the size of the request body using raw-body by setting a limit option, which can help prevent denial of service attacks or other resource exhaustion issues.

const getRawBody = require('raw-body');

function handleRequest(req) {
  return getRawBody(req, {
    limit: '1mb'
  }).then(body => {
    // body will not be larger than 1mb
  }).catch(err => {
    // handle error if body is too large
  });
}

Other packages similar to raw-body

Readme

Source

raw-body

NPM Version NPM Downloads Node.js Version Build status Test coverage

Gets the entire buffer of a stream either as a Buffer or a string. Validates the stream's length against an expected length and maximum limit. Ideal for parsing request bodies.

Install

This is a Node.js module available through the npm registry. Installation is done using the npm install command:

$ npm install raw-body

TypeScript

This module includes a TypeScript declaration file to enable auto complete in compatible editors and type information for TypeScript projects. This module depends on the Node.js types, so install @types/node:

$ npm install @types/node

API

var getRawBody = require('raw-body')

getRawBody(stream, [options], [callback])

Returns a promise if no callback specified and global Promise exists.

Options:

  • length - The length of the stream. If the contents of the stream do not add up to this length, an 400 error code is returned.
  • limit - The byte limit of the body. This is the number of bytes or any string format supported by bytes, for example 1000, '500kb' or '3mb'. If the body ends up being larger than this limit, a 413 error code is returned.
  • encoding - The encoding to use to decode the body into a string. By default, a Buffer instance will be returned when no encoding is specified. Most likely, you want utf-8, so setting encoding to true will decode as utf-8. You can use any type of encoding supported by iconv-lite.

You can also pass a string in place of options to just specify the encoding.

If an error occurs, the stream will be paused, everything unpiped, and you are responsible for correctly disposing the stream. For HTTP requests, you may need to finish consuming the stream if you want to keep the socket open for future requests. For streams that use file descriptors, you should stream.destroy() or stream.close() to prevent leaks.

Errors

This module creates errors depending on the error condition during reading. The error may be an error from the underlying Node.js implementation, but is otherwise an error created by this module, which has the following attributes:

  • limit - the limit in bytes
  • length and expected - the expected length of the stream
  • received - the received bytes
  • encoding - the invalid encoding
  • status and statusCode - the corresponding status code for the error
  • type - the error type

Types

The errors from this module have a type property which allows for the programmatic determination of the type of error returned.

encoding.unsupported

This error will occur when the encoding option is specified, but the value does not map to an encoding supported by the iconv-lite module.

entity.too.large

This error will occur when the limit option is specified, but the stream has an entity that is larger.

request.aborted

This error will occur when the request stream is aborted by the client before reading the body has finished.

request.size.invalid

This error will occur when the length option is specified, but the stream has emitted more bytes.

stream.encoding.set

This error will occur when the given stream has an encoding set on it, making it a decoded stream. The stream should not have an encoding set and is expected to emit Buffer objects.

stream.not.readable

This error will occur when the given stream is not readable.

Examples

Simple Express example

var contentType = require('content-type')
var express = require('express')
var getRawBody = require('raw-body')

var app = express()

app.use(function (req, res, next) {
  getRawBody(req, {
    length: req.headers['content-length'],
    limit: '1mb',
    encoding: contentType.parse(req).parameters.charset
  }, function (err, string) {
    if (err) return next(err)
    req.text = string
    next()
  })
})

// now access req.text

Simple Koa example

var contentType = require('content-type')
var getRawBody = require('raw-body')
var koa = require('koa')

var app = koa()

app.use(function * (next) {
  this.text = yield getRawBody(this.req, {
    length: this.req.headers['content-length'],
    limit: '1mb',
    encoding: contentType.parse(this.req).parameters.charset
  })
  yield next
})

// now access this.text

Using as a promise

To use this library as a promise, simply omit the callback and a promise is returned, provided that a global Promise is defined.

var getRawBody = require('raw-body')
var http = require('http')

var server = http.createServer(function (req, res) {
  getRawBody(req)
    .then(function (buf) {
      res.statusCode = 200
      res.end(buf.length + ' bytes submitted')
    })
    .catch(function (err) {
      res.statusCode = 500
      res.end(err.message)
    })
})

server.listen(3000)

Using with TypeScript

import * as getRawBody from 'raw-body';
import * as http from 'http';

const server = http.createServer((req, res) => {
  getRawBody(req)
  .then((buf) => {
    res.statusCode = 200;
    res.end(buf.length + ' bytes submitted');
  })
  .catch((err) => {
    res.statusCode = err.statusCode;
    res.end(err.message);
  });
});

server.listen(3000);

License

MIT

FAQs

Package last updated on 21 Feb 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc