Comments (15)
then we can access the request's raw body with
ctx.request.rawBody
and do what you like by your self.
请问 rawBody
现在有了吗? 我们遇到一个奇怪的问题, 或者说是我姿势不对
--data '{"ipv4":"192.168.1.1","note":"开发","ftp_user":"d1y","ftp_pwd":"middle","ftp_path":""}'
理论上, 我应该是要得到一个对象的
但实际上我在 ctx.request.body
获取的是
body: { '{"ipv4":"192': { '168': [ [Object] ] } }
.
符号被自动转义了, 我能想到的解决办法就是拿到原始数据 rawBody
, 然后自己用 qs
转成 object
, 我试过转成base64
不过 base64
中有 =
, 也被自动转义了, 请问老哥, 我这个怎么玩
from bodyparser.
from bodyparser.
I have seen there is a verify option in express/bodyparser
, and it makes this hack possible:
app.use(bodyparser.json({
verify: function(req, res, buf) {
req.rawBody = buf;
},
}));
@fengmk2 @dead-horse Should we support something like that? Or just avoid this middleware and rewrite the body parsing logic based on raw-body by myself?
from bodyparser.
Wow, you guys work fast. Unfortunately I wasn't clear enough....
I'm integrating with Shopify webhooks specifically.
They send a POST request with a JSON body. bodyparser works great for this.
The problem is that I have to validate the HMAC, and to do so I have to get the raw_body of the response as well. So, I need the parsed body and the raw body.
One for verification and the other for data.
from bodyparser.
Get the ctx.req
request stream and pipe to a HMAC reader.
@internalfx Please give us a full example codes?
from bodyparser.
My process is further down the middleware pipeline.
Not all requests need to be validated.
Be patient with me, my understanding of the internals of koa
, bodyparser
and co-body
is not that great.
Here was my cheap hack on line 38 of co-body/lib/json.js
. This is working well.
return raw(inflate(req), opts)
.then(function (str) {
try {
return {
body: parse(str),
raw: str
}
} catch (err) {
err.status = 400
err.body = str
throw err
}
})
I also modified bodyparser
on line 71
function * parseBody (ctx) {
if ((detectJSON && detectJSON(ctx)) || ctx.request.is(jsonTypes)) {
let result = yield parse.json(ctx, jsonOpts)
if (result.body) {
ctx.request.body = result.body
ctx.request.raw_body = result.raw
} else {
ctx.request.body = result
}
} else if (ctx.request.is(formTypes)) {
ctx.request.body = yield parse.form(ctx, formOpts)
} else {
ctx.request.body = {}
}
}
}
Now in my route policy, something very similar to a sailsjs policy
. I can do this....
let crypto = require('crypto')
let checkSignature = function (data, hmac) {
let secret = config.shopify.shared_secret
let digest = crypto
.createHmac('SHA256', secret)
.update(data)
.digest('base64')
return (digest === hmac)
}
module.exports = function *() {
let raw_body = this.request.raw_body
let hmac = this.headers['x-shopify-hmac-sha256']
if (checkSignature(raw_body, hmac)) {
return true
}
this.throw(401, 'Shopify HMAC check failed.')
}
from bodyparser.
@internalfx this module is made for generic usage. you can try https://github.com/stream-utils/raw-body to get the body content and parse by yourself. :)
from bodyparser.
I understand if this is not where you want to take the library.
The modifications I've made have solved the problem.
I didn't want to give up the automatic JSON detection and parsing. I also wanted the form parsing that is built in.
I may just release a fork and track changes to bodyparser, while providing an option for raw data to myself and others.
Thanks guys.
from bodyparser.
I need to keep raw data too.
For verifying signature usage.
Would you please provide plugin functions or just ctx.rawBody?
from bodyparser.
the code in body parser should be changed to
function* parseBody(ctx) {
if (enableJson && ((detectJSON && detectJSON(ctx)) || ctx.request.is(jsonTypes))) {
let result = yield parse.json(ctx, jsonOpts);
if (result.body) {
ctx.request.raw_body = result.raw
return result.body
} else {
return result
}
}
if (enableForm && ctx.request.is(formTypes)) {
return yield parse.form(ctx, formOpts);
}
if (enableText && ctx.request.is(textTypes)) {
return yield parse.text(ctx, textOpts) || '';
}
return {};
}
};
otherwise you will lose the ctx.request.body information
from bodyparser.
I'd like to add a options to let co-body return the raw body.
from bodyparser.
then we can access the request's raw body with ctx.request.rawBody
and do what you like by your self.
from bodyparser.
the read
function in expressjs/body-parser: https://github.com/expressjs/body-parser/blob/master/lib/read.js#L38-L132
from bodyparser.
@d1y Please use English that your message can be valuable to other people all over the world.
https://github.com/koajs/bodyparser/blob/master/index.js#L78
You can get raw body with ctx.request.rawBody
.
https://github.com/koajs/bodyparser/blob/master/index.js#L91
https://github.com/cojs/co-body/blob/master/index.js#L4
https://github.com/cojs/co-body/blob/master/lib/json.js#L49-L58
You can see that it is just JSON.parse
Welcome to Node.js v13.2.0.
Type ".help" for more information.
> JSON.parse('{"ipv4":"192.168.1.1","note":"开发","ftp_user":"d1y","ftp_pwd":"middle","ftp_path":""}')
{
ipv4: '192.168.1.1',
note: '开发',
ftp_user: 'd1y',
ftp_pwd: 'middle',
ftp_path: ''
}
So the problem is not about the bodyparser.
Seems like a kind of serialization problem on your client ,or your upstream middleware modified your ctx.request.body .
Please check your code again, or provide a runnable demo for reproducing and debugging the problem.
from bodyparser.
@d1y I have got the key.
The "Content-Type" header form your client is "application/x-www-form-urlencoded".
That your server treated the body as form-data. The request header should be "application/json".
from bodyparser.
Related Issues (20)
- Not working with Firebase Functions HOT 8
- How can i parser html ? HOT 1
- jsonLimit doesn't seem to work
- Option to disable content-length check on request HOT 2
- Why are you recommending "co-busboy" in koa-bodyparser Readme if there is multer? HOT 3
- can not parse no content-type body HOT 4
- inconsistent parsing behaviour on nested params
- Replace body content HOT 1
- co-busboy does not work very well for koa2 HOT 2
- XML Documentation Incorrect HOT 3
- Why is body typed as string? gives tsc compilation errors HOT 5
- Rewrite to TypeScript HOT 5
- [FR] Recommend koajs/koa-body instead of co-busboy for multipart HOT 1
- please add application/push type HOT 2
- Every example *and* test is reassigning request body to response body HOT 1
- [fix] Type disagreement between `koa-body` and `@types/koa-bodyparser` HOT 3
- [fix] `encoding` is still required in TS even though it has default value from `co-body` HOT 1
- [feat] add koa as peerDependencies
- [fix] npm 和 github README不一致。 HOT 1
- Deprecate koa-bodyparser
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bodyparser.