UNPKG

hpp/lib/index.js

Version:

1.43 kBJavaScriptView Raw

1'use strict';
2
3var _ = require('lodash');
4var typeis = require('type-is');
5
6
7module.exports = function (options) {
8
9    options = _.defaults(options || {}, {
10        checkQuery: true,
11        checkBody: true,
12        checkBodyOnlyForContentType: 'urlencoded'
13    });
14
15    function correctContentType(req) {
16        return typeis(req, options.checkBodyOnlyForContentType);
17    }
18
19    return function (req, res, next) {
20
21        if (options.checkQuery && req.query) {
22            req.queryPolluted = {};
23
24            var queryParams = _.keys(req.query);
25            for ( var q = 0; q < queryParams.length; q+=1 ) {
26
27                if (!_.isArray(req.query[queryParams[q]])) {
28                    continue;
29                }
30
31                req.queryPolluted[queryParams[q]] = req.query[queryParams[q]];
32                req.query[queryParams[q]] = req.query[queryParams[q]][0];
33
34            }
35        }
36
37        if (options.checkBody && req.body && correctContentType(req)) {
38            req.bodyPolluted = {};
39
40            var bodyParams = _.keys(req.body);
41            for ( var b = 0; b < bodyParams.length; b+=1 ) {
42
43                if (!_.isArray(req.body[bodyParams[b]])) {
44                    continue;
45                }
46
47                req.bodyPolluted[bodyParams[b]] = req.body[bodyParams[b]];
48                req.body[bodyParams[b]] = req.body[bodyParams[b]][0];
49
50            }
51
52        }
53
54        next();
55
56    };
57
58};

1	`'use strict';`
2
3	`var _ = require('lodash');`
4	`var typeis = require('type-is');`
5
6
7	`module.exports = function (options) {`
8
9	`options = _.defaults(options \|\| {}, {`
10	`checkQuery: true,`
11	`checkBody: true,`
12	`checkBodyOnlyForContentType: 'urlencoded'`
13	`});`
14
15	`function correctContentType(req) {`
16	`return typeis(req, options.checkBodyOnlyForContentType);`
17	`}`
18
19	`return function (req, res, next) {`
20
21	`if (options.checkQuery && req.query) {`
22	`req.queryPolluted = {};`
23
24	`var queryParams = _.keys(req.query);`
25	`for ( var q = 0; q < queryParams.length; q+=1 ) {`
26
27	`if (!_.isArray(req.query[queryParams[q]])) {`
28	`continue;`
29	`}`
30
31	`req.queryPolluted[queryParams[q]] = req.query[queryParams[q]];`
32	`req.query[queryParams[q]] = req.query[queryParams[q]][0];`
33
34	`}`
35	`}`
36
37	`if (options.checkBody && req.body && correctContentType(req)) {`
38	`req.bodyPolluted = {};`
39
40	`var bodyParams = _.keys(req.body);`
41	`for ( var b = 0; b < bodyParams.length; b+=1 ) {`
42
43	`if (!_.isArray(req.body[bodyParams[b]])) {`
44	`continue;`
45	`}`
46
47	`req.bodyPolluted[bodyParams[b]] = req.body[bodyParams[b]];`
48	`req.body[bodyParams[b]] = req.body[bodyParams[b]][0];`
49
50	`}`
51
52	`}`
53
54	`next();`
55
56	`};`
57
58	`};`