0

I read a post on body-parser in node.js and it claimed that it is not safe.

If I'm not to use any body-parser middleware in my project, what solution should I use to ensure safety?

Do Not Use bodyParser with Express.js

body-parser deprecation message

I'm a newbie on node.js so if your solution is provided with examples, I'll really appreciate!

Thx in advance!

Adam
  • 1,684
  • 1
  • 19
  • 39

2 Answers2

1

The solution is provided in the very article you linked to.

Avoid bodyParser and explicitly use the middleware that you need

If you want to parse json in your endpoint, use express.json() middleware. If you want json and urlencoded endpoint, use [express.json(), express.urlencoded()] for your middleware.

If you want users to upload files to your endpoint, you could use express.multipart() and be sure to clean up all the temp files that are created. This would still stuffer [sic] from problem #3 previously mentioned.

Note however that in Express 4, these middlewares are no longer packaged with Express. They are now available via the body-parser package, with json and urlencoded properties. They recommend some other packages for multipart uploads.

Scimonster
  • 32,893
  • 9
  • 77
  • 89
-1

I'm using https://www.npmjs.org/package/busboy

But there are several other libraries that do the same thing, so there is no definitive answer to this question.

Khôi
  • 2,133
  • 11
  • 10