npm install raw-body
97.8
Supply Chain Risk
99
Quality
80.9
Maintenance
100
Vulnerability
376 Stars
519 Commits
67 Forks
10 Watching
4 Branches
16 Contributors
Updated on 07 Sept 2024
Minified
Minified + Gzipped
JavaScript (100%)
Cumulative downloads
Total Downloads
Last day
-4.7%
1,760,551
Compared to previous day
Last week
-1.6%
35,391,415
Compared to previous week
Last month
-8.9%
144,762,013
Compared to previous month
Last year
7.9%
1,950,982,650
Compared to previous year
Gets the entire buffer of a stream either as a Buffer
or a string.
Validates the stream's length against an expected length and maximum limit.
Ideal for parsing request bodies.
This is a Node.js module available through the
npm registry. Installation is done using the
npm install
command:
$ npm install raw-body
This module includes a TypeScript
declaration file to enable auto complete in compatible editors and type
information for TypeScript projects. This module depends on the Node.js
types, so install @types/node
:
$ npm install @types/node
var getRawBody = require('raw-body')
Returns a promise if no callback specified and global Promise
exists.
Options:
length
- The length of the stream.
If the contents of the stream do not add up to this length,
an 400
error code is returned.limit
- The byte limit of the body.
This is the number of bytes or any string format supported by
bytes,
for example 1000
, '500kb'
or '3mb'
.
If the body ends up being larger than this limit,
a 413
error code is returned.encoding
- The encoding to use to decode the body into a string.
By default, a Buffer
instance will be returned when no encoding is specified.
Most likely, you want utf-8
, so setting encoding
to true
will decode as utf-8
.
You can use any type of encoding supported by iconv-lite.You can also pass a string in place of options to just specify the encoding.
If an error occurs, the stream will be paused, everything unpiped,
and you are responsible for correctly disposing the stream.
For HTTP requests, you may need to finish consuming the stream if
you want to keep the socket open for future requests. For streams
that use file descriptors, you should stream.destroy()
or
stream.close()
to prevent leaks.
This module creates errors depending on the error condition during reading. The error may be an error from the underlying Node.js implementation, but is otherwise an error created by this module, which has the following attributes:
limit
- the limit in byteslength
and expected
- the expected length of the streamreceived
- the received bytesencoding
- the invalid encodingstatus
and statusCode
- the corresponding status code for the errortype
- the error typeThe errors from this module have a type
property which allows for the programmatic
determination of the type of error returned.
This error will occur when the encoding
option is specified, but the value does
not map to an encoding supported by the iconv-lite
module.
This error will occur when the limit
option is specified, but the stream has
an entity that is larger.
This error will occur when the request stream is aborted by the client before reading the body has finished.
This error will occur when the length
option is specified, but the stream has
emitted more bytes.
This error will occur when the given stream has an encoding set on it, making it
a decoded stream. The stream should not have an encoding set and is expected to
emit Buffer
objects.
This error will occur when the given stream is not readable.
var contentType = require('content-type') var express = require('express') var getRawBody = require('raw-body') var app = express() app.use(function (req, res, next) { getRawBody(req, { length: req.headers['content-length'], limit: '1mb', encoding: contentType.parse(req).parameters.charset }, function (err, string) { if (err) return next(err) req.text = string next() }) }) // now access req.text
var contentType = require('content-type') var getRawBody = require('raw-body') var koa = require('koa') var app = koa() app.use(function * (next) { this.text = yield getRawBody(this.req, { length: this.req.headers['content-length'], limit: '1mb', encoding: contentType.parse(this.req).parameters.charset }) yield next }) // now access this.text
To use this library as a promise, simply omit the callback
and a promise is
returned, provided that a global Promise
is defined.
var getRawBody = require('raw-body') var http = require('http') var server = http.createServer(function (req, res) { getRawBody(req) .then(function (buf) { res.statusCode = 200 res.end(buf.length + ' bytes submitted') }) .catch(function (err) { res.statusCode = 500 res.end(err.message) }) }) server.listen(3000)
import * as getRawBody from 'raw-body'; import * as http from 'http'; const server = http.createServer((req, res) => { getRawBody(req) .then((buf) => { res.statusCode = 200; res.end(buf.length + ' bytes submitted'); }) .catch((err) => { res.statusCode = err.statusCode; res.end(err.message); }); }); server.listen(3000);
Reason
14 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
license file detected
Details
Reason
no binaries found in the repo
Reason
security policy file detected
Details
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
Found 2/17 approved changesets -- score normalized to 1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
Reason
branch protection not enabled on development/release branches
Details
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Score
Last Scanned on 2024-09-02
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More