checkschema does not validate but lets everything through. (with full example of proof)
See original GitHub issueIt looks like there is a bug in checkschema.
The problem is that checkschema always gives an ok, even if you send it non-existent fields.
Referring to page https://express-validator.github.io/docs/schema-validation.html This is either incorrect or I’m missing something here.
I’ve created a small test-environment to show the error. The environment is created with standard Webstorm NodeJs/Express project generator. (And removed some unnecessary parts) Check it out here: https://github.com/BertCatsburg/express-validator-bug.git See the Readme.md
git clone and run npm install and then npm test.
Important files in this environment:
index.js
var express = require('express');
var router = express.Router();
const {check, param, body, validationResult, checkSchema} = require('express-validator');
var debug = require('debug')('validatortest:index');
// Processing for all Routes
const processingRequest = (req, res, next) => {
const errors = validationResult(req);
if (!errors.isEmpty()) {
res.status(422).json({"status": "Validation Error"});
} else {
res.status(200).json({"status": "ok", "value of a": req.body.a});
}
};
// Route to do validation with checkschema on 'b.b1'
router.post(
'/test/checkschema',
checkSchema({
'b.b1' : {
in: ['body'],
optional: false,
errorMessage: 'Property "b.b1" not found',
}
}),
processingRequest,
);
// Route to do validation with body on 'b'
router.post(
'/test/body',
body('b')
.notEmpty()
.withMessage('Property "b" not found'),
processingRequest,
);
module.exports = router;
test/test.js
const superagent = require('superagent');
const superagentPrefix = require('superagent-prefix')('http://localhost:3011');
var debug = require('debug')('validatortest:test');
const goodObject = {
b: {
b1: 'bbb'
}
};
const badObject = {
where_is_b: 'not-here'
};
describe('Testing Express-Validator endpoint /test/checkschema', function () {
it('should not give an error ', function (done) {
superagent
.post('/test/checkschema')
.use(superagentPrefix)
.send(goodObject)
.end((err, res) => {
if (res.status !== 200) {
throw('ERROR. Status should be 200 but is ' + res.status);
}
done();
})
});
it('should give an error ', function (done) {
superagent
.post('/test/checkschema')
.use(superagentPrefix)
.send(badObject)
.end((err, res) => {
if (res.status !== 422) {
throw('ERROR. Status should be 422 but is ' + res.status);
}
done();
})
});
});
describe('Testing Express-Validator endpoint /test/body', function () {
it('should not give an error ', function (done) {
superagent
.post('/test/body')
.use(superagentPrefix)
.send(goodObject)
.end((err, res) => {
if (res.status !== 200) {
throw('ERROR. Status should be 200 but is ' + res.status);
}
done();
})
});
it('should give an error ', function (done) {
superagent
.post('/test/body')
.use(superagentPrefix)
.send(badObject)
.end((err, res) => {
if (res.status !== 422) {
throw('ERROR. Status should be 422 but is ' + res.status);
}
done();
})
});
});
Issue Analytics
- State:
- Created 4 years ago
- Reactions:2
- Comments:5 (1 by maintainers)
Top Results From Across the Web
express-validator checkSchema not raise errors - Stack Overflow
The query parameter was a random string. It "works", console.log is called at every request, but it doesn't raise any errors. node ...
Read more >It all starts with applicability - JSON Schema Fundamentals ...
In this introduction, you'll be using the properties and items keywords, and subschemas. Validating Objects. Let's jump into an example. Here's ...
Read more >Form Data Validation in Node.js with express-validator
In this tutorial, we'll cover how to perform form data validation in Node.js with express-validator, a wrapper for the popular Validator.js ...
Read more >Diving Into Delta Lake: Schema Enforcement & Evolution
Learn how schema enforcement and schema evolution work together on Delta Lake to ensure high quality, reliable data.
Read more >Express Validator Tutorial - Auth0
TL;DR: In this article you will learn to validate and sanitize data in ... this file adds an endpoint to your app that...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I’ll investigate!
Updated all the versions in my demo-repo. Package.json now is:
Still unexpected results. 1 of the tests passing while it should not.
Is this issue still getting attention? (Previous comment more than 1 year ago).
Thanks.