ecl

express-content-length-validator

Make sure your application is not vulnerable to large payloads attacks

Showing:

Popularity

Downloads/wk

2.7K

GitHub Stars

47

Maintenance

Last Commit

5yrs ago

Contributors

2

Package

Dependencies

0

Size (min+gzip)

0.3KB

License

MIT

Type Definitions

Tree-Shakeable

No?

Categories

Readme

express-content-length-validator

Build Status Coverage Status

Make sure your application is not vulnerable to large payload attacks

install

$ npm install express-content-length-validator --save

api

Once you've gotten the content-length module:


    var contentLength = require('express-content-length-validator');

You'll have a single function to work with: validateMax.

contentLength.validateMax(options)

options is an object with three properties:

  • max, which defaults to 999;
  • status, which defaults to 400;
  • message, which defaults to "Invalid payload; too big.".

usage as a middleware


    var contentLength = require('express-content-length-validator');
    var app = require('express')();
    var MAX_CONTENT_LENGTH_ACCEPTED = 9999;

    app.use(contentLength.validateMax({max: MAX_CONTENT_LENGTH_ACCEPTED, status: 400, message: "stop it!"})); // max size accepted for the content-length

    // and then, when you're checking the routes

    app
        .post('/some/url/here', function(req, res)
        {
            /*all is good, the content-length is less than the expected
              so you can keep with your business logic*/
        });

    app.listen(8080);

usage per endpoint


    var contentLength = require('express-content-length-validator');
    var app = require('express')();
    var MAX_CONTENT_LENGTH_ACCEPTED = 9999;

    app.post('/some/url/here', contentLength.validateMax({max: MAX_CONTENT_LENGTH_ACCEPTED, status: 400, message: "send a smaller json, will ya?"}), function(req, res)
    {
        /*all is good, the content-length is less than the expected
        so you can keep with your business logic*/
    });

    app.listen(8080);

It's that easy =]

license

MIT

Rate & Review

Great Documentation0
Easy to Use0
Performant0
Highly Customizable0
Bleeding Edge0
Responsive Maintainers0
Poor Documentation0
Hard to Use0
Slow0
Buggy0
Abandoned0
Unwelcoming Community0
100
No reviews found
Be the first to rate

Alternatives

No alternatives found

Tutorials

No tutorials found
Add a tutorial