* Invalid HTTP header error is hidden
This error is captured and never shown which may by misleading. This PR suggest to throw this error directly to the reponse.
* fixed the linter error
* add a test
* denoify
---------
Co-authored-by: Yusuke Wada <yusuke@kamawada.com>
* fix: return status 500 when using validator 'form'
When using `validator('form', ...)` hono is returning a 500 status
when receiving a POST request with a JSON in request body, instead
of a bad request 400, .
This is happenning due to a unhandled error in an
underlying library (@miniflare).
https://github.com/cloudflare/miniflare/pull/711
The code changes in this PR are responsible to prepare the code to
handle possible TypeError that can be thrown in the future, by the lib
doing the FormData parsing, as per, https://fetch.spec.whatwg.org/#dom-body-formdata.
This PR should wait for bugfix on @miniflare.
* fix: json validator allowing Content-Type value other than json/application
Forgery attacks will try to avoid preflight requests when POSTing JSON
payloads manipulating the HTTP header Content-Type. For example, it will
send a JSON payload with `Content-Type=text/plain`, but the request stills
containing a JSON in its body. Those requests must be rejected.
Thus, when using the validator with the target set to `json`, we must
check the Content-Type header.
* fix: change check for json Content-Type header
Change JSON validation to only allow Content-Type header starting with
'application/json'.
Change from regexp test to starsWith builtin function, to make code more
expressive.
---------
Co-authored-by: Bruno Nascimento <bruno.nascimento@csghq.com>
* Allow validator to apply validation to path param.
* chore: denoify
* feat(validator): Enable passing the path to ValidationFunction as a template parameter.
* chore: denoify
Co-authored-by: yusukebe <yusuke@kamawada.com>
* * fix(validator): allow empty and undefined optional arrays
fix the bug of empty and undefined array causing a validation fail
when those are anyways optional
resolves #677
* denonify changes
* fix(validator): fix subsequent nested objects names
fix the bug of having subsequent objects inside a nested structure
causing the validator to forget the previous keys in the scheme's path
fixes point 1 of #677
* deonify changes
* refactor(types): refactor and add tests for checking Types
* remove unused
* uncomment
* use `Handler` in validator middleware
* remove unused
* create `src/validator` dir and move some files into it
* add the case that the context is in `validator`
* rename `D` to `S`
