express-content-length-validator
Make sure your application is not vulnerable to large payload attacks
Last updated 5 years ago by ericmdantas .
MIT · Repository · Bugs · Original npm · Tarball · package.json
$ cnpm install express-content-length-validator 
SYNC missed versions from official npm registry.

express-content-length-validator

Build Status Coverage Status

Make sure your application is not vulnerable to large payload attacks

install

$ npm install express-content-length-validator --save

api

Once you've gotten the content-length module:


    var contentLength = require('express-content-length-validator');

You'll have a single function to work with: validateMax.

contentLength.validateMax(options)

options is an object with three properties:

  • max, which defaults to 999;
  • status, which defaults to 400;
  • message, which defaults to "Invalid payload; too big.".

usage as a middleware


    var contentLength = require('express-content-length-validator');
    var app = require('express')();
    var MAX_CONTENT_LENGTH_ACCEPTED = 9999;

    app.use(contentLength.validateMax({max: MAX_CONTENT_LENGTH_ACCEPTED, status: 400, message: "stop it!"})); // max size accepted for the content-length

    // and then, when you're checking the routes

    app
        .post('/some/url/here', function(req, res)
        {
            /*all is good, the content-length is less than the expected
              so you can keep with your business logic*/
        });

    app.listen(8080);

usage per endpoint


    var contentLength = require('express-content-length-validator');
    var app = require('express')();
    var MAX_CONTENT_LENGTH_ACCEPTED = 9999;

    app.post('/some/url/here', contentLength.validateMax({max: MAX_CONTENT_LENGTH_ACCEPTED, status: 400, message: "send a smaller json, will ya?"}), function(req, res)
    {
        /*all is good, the content-length is less than the expected
        so you can keep with your business logic*/
    });

    app.listen(8080);

It's that easy =]

license

MIT

Current Tags

  • 1.0.0                                ...           latest (5 years ago)

5 Versions

  • 1.0.0                                ...           5 years ago
  • 0.0.4                                ...           6 years ago
  • 0.0.3                                ...           6 years ago
  • 0.0.2                                ...           6 years ago
  • 0.0.1                                ...           6 years ago

Copyright 2014 - 2016 © taobao.org |