directus/api/src/middleware/sanitize-query.ts
Oreille 0425809db1 Fix string filter unexpectedly being casted to number (#10138)
* Fix string unexpectedly being casted to numbers

* Parse filter with multiple keys into `_and` block.

* Fixed filter structure in tests
2021-12-01 13:55:54 -05:00


/**
* Sanitize query parameters.
* This ensures that query params are formatted and ready to go for the services.
*/
import { RequestHandler } from 'express';
import { sanitizeQuery } from '../utils/sanitize-query';
import { validateQuery } from '../utils/validate-query';
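/**
 * Express middleware that derives `req.sanitizedQuery` from the raw `req.query`.
 *
 * The raw query (with a `'*'` default for `fields`) and the request's
 * accountability are handed to `sanitizeQuery`; the result is frozen and then
 * passed to `validateQuery` before the next handler runs.
 *
 * @param req - Incoming request; `sanitizedQuery` is assigned on it.
 * @param _res - Unused.
 * @param next - Called once the sanitized query is in place, including when
 *   there is no query to process.
 */
const sanitizeQueryMiddleware: RequestHandler = (req, _res, next) => {
	// Always leave a defined value behind so later handlers can read it safely.
	req.sanitizedQuery = {};

	// Nothing to sanitize: still continue the chain. A bare `return` here would
	// end the middleware without a response and without calling `next()`,
	// leaving the request pending.
	if (!req.query) return next();

	req.sanitizedQuery = sanitizeQuery(
		{
			// NOTE(review): the spread below runs after this default, so a `fields`
			// key that is present but empty in req.query replaces '*' - confirm
			// that sanitizeQuery handles that case as intended.
			fields: req.query.fields || '*',
			...req.query,
		},
		// Unauthenticated or missing accountability is passed as null.
		req.accountability || null
	);

	// Object.freeze is shallow: top-level keys can no longer be reassigned, but
	// nested objects inside the sanitized query (if any) remain mutable.
	Object.freeze(req.sanitizedQuery);

	// NOTE(review): validateQuery's return value is ignored, so it presumably
	// signals an invalid query by throwing - confirm. A synchronous throw here
	// is routed by Express to the error-handling middleware.
	validateQuery(req.sanitizedQuery);

	return next();
};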
export default sanitizeQueryMiddleware;