node package manager
Stop writing boring code. Discover, share, and reuse within your team. Create a free org »

express-content-length-validator

express-content-length-validator

Build Status Coverage Status

Make sure your application is not vulnerable to large payload attacks

install

$ npm install express-content-length-validator --save

api

Once you've gotten the content-length module:

 
    var contentLength = require('express-content-length-validator');
 

You'll have a single function to work with: validateMax.

contentLength.validateMax(options)

options is an object with three properties:

  • max, which defaults to 999;
  • status, which defaults to 400;
  • message, which defaults to "Invalid payload; too big.".

usage as a middleware

 
    var contentLength = require('express-content-length-validator');
    var app = require('express')();
    var MAX_CONTENT_LENGTH_ACCEPTED = 9999;
 
    app.use(contentLength.validateMax({max: MAX_CONTENT_LENGTH_ACCEPTED, status: 400, message: "stop it!"})); // max size accepted for the content-length 
 
    // and then, when you're checking the routes 
 
    app
        .post('/some/url/here', function(req, res)
        {
            /*all is good, the content-length is less than the expected
              so you can keep with your business logic*/
        });
 
    app.listen(8080);
 

usage per endpoint

 
    var contentLength = require('express-content-length-validator');
    var app = require('express')();
    var MAX_CONTENT_LENGTH_ACCEPTED = 9999;
 
    app.post('/some/url/here', contentLength.validateMax({max: MAX_CONTENT_LENGTH_ACCEPTED, status: 400, message: "send a smaller json, will ya?"}), function(req, res)
    {
        /*all is good, the content-length is less than the expected
        so you can keep with your business logic*/
    });
 
    app.listen(8080);

It's that easy =]

license

MIT