spooder 4.2.17 → 4.2.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -0
- package/package.json +1 -1
- package/src/api.ts +8 -2
package/README.md
CHANGED
|
@@ -716,6 +716,9 @@ server.route('/api/endpoint', async (req, url) => {
|
|
|
716
716
|
|
|
717
717
|
try {
|
|
718
718
|
const json = await req.json();
|
|
719
|
+
if (json === null || typeof json !== 'object' || Array.isArray(json))
|
|
720
|
+
return 400;
|
|
721
|
+
|
|
719
722
|
// do something with json.
|
|
720
723
|
return 200;
|
|
721
724
|
} catch (err) {
|
|
@@ -735,6 +738,9 @@ server.route('/api/endpoint', validate_req_json(async (json, req, url) => {
|
|
|
735
738
|
|
|
736
739
|
This behaves the same as the code above, where a `400` status code is returned if the `Content-Type` header is not `application/json` or if the request body is not valid JSON, and no error is thrown.
|
|
737
740
|
|
|
741
|
+
> [!NOTE]
|
|
742
|
+
> While arrays and other primitives are valid JSON, `validate_req_json` will only pass objects to the handler, since they are the most common use case for JSON request bodies and it removes the need to validate that in the handler. If you need to use arrays or other primitives, either box them in an object or provide your own validation.
|
|
743
|
+
|
|
738
744
|
<a id="api-routing-directory-serving"></a>
|
|
739
745
|
## API > Routing > Directory Serving
|
|
740
746
|
|
package/package.json
CHANGED
package/src/api.ts
CHANGED
|
@@ -398,7 +398,7 @@ type ErrorHandler = (err: Error, req: Request, url: URL) => Resolvable<Response>
|
|
|
398
398
|
type DefaultHandler = (req: Request, status_code: number) => HandlerReturnType;
|
|
399
399
|
type StatusCodeHandler = (req: Request) => HandlerReturnType;
|
|
400
400
|
|
|
401
|
-
type JSONRequestHandler = (req: Request, url: URL, json:
|
|
401
|
+
type JSONRequestHandler = (req: Request, url: URL, json: JsonObject) => HandlerReturnType;
|
|
402
402
|
|
|
403
403
|
type ServerSentEventClient = {
|
|
404
404
|
message: (message: string) => void;
|
|
@@ -451,7 +451,13 @@ export function validate_req_json(JSONRequestHandler: JSONRequestHandler): Reque
|
|
|
451
451
|
if (req.headers.get('Content-Type') !== 'application/json')
|
|
452
452
|
return 400; // Bad Request
|
|
453
453
|
|
|
454
|
-
|
|
454
|
+
const json = await req.json();
|
|
455
|
+
|
|
456
|
+
// validate json is a plain object
|
|
457
|
+
if (json === null || typeof json !== 'object' || Array.isArray(json))
|
|
458
|
+
return 400; // Bad Request
|
|
459
|
+
|
|
460
|
+
return JSONRequestHandler(req, url, json);
|
|
455
461
|
} catch (e) {
|
|
456
462
|
return 400; // Bad Request
|
|
457
463
|
}
|