123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284 |
- /*!
- * body-parser
- * Copyright(c) 2014 Jonathan Ong
- * Copyright(c) 2014-2015 Douglas Christopher Wilson
- * MIT Licensed
- */
- 'use strict'
- /**
- * Module dependencies.
- * @private
- */
- var bytes = require('bytes')
- var contentType = require('content-type')
- var createError = require('http-errors')
- var debug = require('debug')('body-parser:urlencoded')
- var deprecate = require('depd')('body-parser')
- var read = require('../read')
- var typeis = require('type-is')
- /**
- * Module exports.
- */
- module.exports = urlencoded
- /**
- * Cache of parser modules.
- */
- var parsers = Object.create(null)
- /**
- * Create a middleware to parse urlencoded bodies.
- *
- * @param {object} [options]
- * @return {function}
- * @public
- */
- function urlencoded (options) {
- var opts = options || {}
- // notice because option default will flip in next major
- if (opts.extended === undefined) {
- deprecate('undefined extended: provide extended option')
- }
- var extended = opts.extended !== false
- var inflate = opts.inflate !== false
- var limit = typeof opts.limit !== 'number'
- ? bytes.parse(opts.limit || '100kb')
- : opts.limit
- var type = opts.type || 'application/x-www-form-urlencoded'
- var verify = opts.verify || false
- if (verify !== false && typeof verify !== 'function') {
- throw new TypeError('option verify must be function')
- }
- // create the appropriate query parser
- var queryparse = extended
- ? extendedparser(opts)
- : simpleparser(opts)
- // create the appropriate type checking function
- var shouldParse = typeof type !== 'function'
- ? typeChecker(type)
- : type
- function parse (body) {
- return body.length
- ? queryparse(body)
- : {}
- }
- return function urlencodedParser (req, res, next) {
- if (req._body) {
- debug('body already parsed')
- next()
- return
- }
- req.body = req.body || {}
- // skip requests without bodies
- if (!typeis.hasBody(req)) {
- debug('skip empty body')
- next()
- return
- }
- debug('content-type %j', req.headers['content-type'])
- // determine if request should be parsed
- if (!shouldParse(req)) {
- debug('skip parsing')
- next()
- return
- }
- // assert charset
- var charset = getCharset(req) || 'utf-8'
- if (charset !== 'utf-8') {
- debug('invalid charset')
- next(createError(415, 'unsupported charset "' + charset.toUpperCase() + '"', {
- charset: charset,
- type: 'charset.unsupported'
- }))
- return
- }
- // read
- read(req, res, next, parse, debug, {
- debug: debug,
- encoding: charset,
- inflate: inflate,
- limit: limit,
- verify: verify
- })
- }
- }
- /**
- * Get the extended query parser.
- *
- * @param {object} options
- */
- function extendedparser (options) {
- var parameterLimit = options.parameterLimit !== undefined
- ? options.parameterLimit
- : 1000
- var parse = parser('qs')
- if (isNaN(parameterLimit) || parameterLimit < 1) {
- throw new TypeError('option parameterLimit must be a positive number')
- }
- if (isFinite(parameterLimit)) {
- parameterLimit = parameterLimit | 0
- }
- return function queryparse (body) {
- var paramCount = parameterCount(body, parameterLimit)
- if (paramCount === undefined) {
- debug('too many parameters')
- throw createError(413, 'too many parameters', {
- type: 'parameters.too.many'
- })
- }
- var arrayLimit = Math.max(100, paramCount)
- debug('parse extended urlencoding')
- return parse(body, {
- allowPrototypes: true,
- arrayLimit: arrayLimit,
- depth: Infinity,
- parameterLimit: parameterLimit
- })
- }
- }
- /**
- * Get the charset of a request.
- *
- * @param {object} req
- * @api private
- */
- function getCharset (req) {
- try {
- return (contentType.parse(req).parameters.charset || '').toLowerCase()
- } catch (e) {
- return undefined
- }
- }
- /**
- * Count the number of parameters, stopping once limit reached
- *
- * @param {string} body
- * @param {number} limit
- * @api private
- */
- function parameterCount (body, limit) {
- var count = 0
- var index = 0
- while ((index = body.indexOf('&', index)) !== -1) {
- count++
- index++
- if (count === limit) {
- return undefined
- }
- }
- return count
- }
- /**
- * Get parser for module name dynamically.
- *
- * @param {string} name
- * @return {function}
- * @api private
- */
- function parser (name) {
- var mod = parsers[name]
- if (mod !== undefined) {
- return mod.parse
- }
- // this uses a switch for static require analysis
- switch (name) {
- case 'qs':
- mod = require('qs')
- break
- case 'querystring':
- mod = require('querystring')
- break
- }
- // store to prevent invoking require()
- parsers[name] = mod
- return mod.parse
- }
- /**
- * Get the simple query parser.
- *
- * @param {object} options
- */
- function simpleparser (options) {
- var parameterLimit = options.parameterLimit !== undefined
- ? options.parameterLimit
- : 1000
- var parse = parser('querystring')
- if (isNaN(parameterLimit) || parameterLimit < 1) {
- throw new TypeError('option parameterLimit must be a positive number')
- }
- if (isFinite(parameterLimit)) {
- parameterLimit = parameterLimit | 0
- }
- return function queryparse (body) {
- var paramCount = parameterCount(body, parameterLimit)
- if (paramCount === undefined) {
- debug('too many parameters')
- throw createError(413, 'too many parameters', {
- type: 'parameters.too.many'
- })
- }
- debug('parse urlencoding')
- return parse(body, undefined, undefined, { maxKeys: parameterLimit })
- }
- }
- /**
- * Get the simple type checker.
- *
- * @param {string} type
- * @return {function}
- */
- function typeChecker (type) {
- return function checkType (req) {
- return Boolean(typeis(req, type))
- }
- }
|