mirror of
https://github.com/directus/directus.git
synced 2026-02-04 20:45:20 -05:00
30 lines
667 B
TypeScript
30 lines
667 B
TypeScript
/**
|
|
* Sanitize query parameters.
|
|
* This ensures that query params are formatted and ready to go for the services.
|
|
*/
|
|
|
|
import { RequestHandler } from 'express';
|
|
import { sanitizeQuery } from '../utils/sanitize-query';
|
|
import { validateQuery } from '../utils/validate-query';
|
|
|
|
const sanitizeQueryMiddleware: RequestHandler = (req, res, next) => {
|
|
req.sanitizedQuery = {};
|
|
if (!req.query) return;
|
|
|
|
req.sanitizedQuery = sanitizeQuery(
|
|
{
|
|
fields: req.query.fields || '*',
|
|
...req.query,
|
|
},
|
|
req.accountability || null
|
|
);
|
|
|
|
Object.freeze(req.sanitizedQuery);
|
|
|
|
validateQuery(req.sanitizedQuery);
|
|
|
|
return next();
|
|
};
|
|
|
|
export default sanitizeQueryMiddleware;
|