foltik
/
shimapan
peilaus alkaen https://github.com/Foltik/Shimapan
1
0
Fork 0
Koodi Ongelmat 0 Julkaisut 0 Wiki Activity
Selaa lähdekoodia

Fix string coercion of number types in body verifier

production
Jack Foltz 5 vuotta sitten
vanhempi
e2985de01d
commit
d1610db1fe
Allekirjoittanut: foltik <jack@foltz.io> GPG Key ID: D1F0331758D1F29A
2 muutettua tiedostoa jossa 19 lisäystä ja 11 poistoa
Yhdistetty näkymä
Diff Options
Show Stats Download Patch File Download Diff File
  1. +16
    -8
      app/util/verifyBody.js
  2. +3
    -3
      test/middleware.js

+ 16
- 8
app/util/verifyBody.js Näytä tiedosto

@@ -8,18 +8,26 @@ const verifyProp = async (prop, expected) => {
return; return;


if (expected.type) { if (expected.type) {
if (expected.type === 'date' && isNaN(new Date(prop)))
throw {code: 400, message: `${expected.name} malformed.`};
else if (expected.type === 'array' && !(prop instanceof Array))
throw {code: 400, message: `${expected.name} malformed.`};
else if (typeof prop !== expected.type)
throw {code: 400, message: `${expected.name} malformed.`};
if (expected.type === 'date') {
if (isNaN(new Date(prop)))
throw {code: 400, message: `${expected.name} malformed.`};
} else if (expected.type === 'array') {
if (!(prop instanceof Array))
throw {code: 400, message: `${expected.name} malformed.`};
} else if (expected.type === 'number') {
if (isNaN(parseInt(prop)))
throw {code: 400, message: `${expected.name} malformed.`};
} else {
if (typeof prop !== expected.type)
throw {code: 400, message: `${expected.name} malformed.`};
}
} }


if (expected.min && prop < expected.min)

if (expected.min && parseInt(prop) < expected.min)
throw {code: 400, message: `${expected.name} too small.`}; throw {code: 400, message: `${expected.name} too small.`};


if (expected.max && prop > expected.max)
if (expected.max && parseInt(prop) > expected.max)
throw {code: 400, message: `${expected.name} too large.`}; throw {code: 400, message: `${expected.name} too large.`};


if (expected.maxLength && prop.length > expected.maxLength) if (expected.maxLength && prop.length > expected.maxLength)


+ 3
- 3
test/middleware.js Näytä tiedosto

@@ -28,11 +28,11 @@ describe('Body Verification', () => {
expected: [{name: 'test', type: 'date'}], expected: [{name: 'test', type: 'date'}],
body: {test: '11/12/2018'} body: {test: '11/12/2018'}
}, { }, {
expected: [{name: 'test', type: 'date'}],
body: {test: 1546368715}
expected: [{name: 'test', type: 'number'}],
body: {test: '1546368715'}
}, { }, {
expected: [{name: 'test', type: 'number', min: 12, max: 16}], expected: [{name: 'test', type: 'number', min: 12, max: 16}],
body: {test: 16}
body: {test: '16'}
}]; }];


return Promise.all(tests.map(test => testVerifyBody(test.body, test.expected))); return Promise.all(tests.map(test => testVerifyBody(test.body, test.expected)));


Write Preview
Loading…
Peruuta
Tallenna