-
-
Notifications
You must be signed in to change notification settings - Fork 219
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add validation checks #358
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good so far :D
Linter doesn't seem very happy though, let me try fixing that.
What if we made |
- this fixes the failing tests
- also suppress the annoying node warning, caused by jest using an experimental feature
Yeah, related to that, it occurred to me that What if Honestly, that's starting to seem more confusing. Maybe we should just go with the On an unrelated note, I was thinking that each validation error should have a unique code, like |
Oh, and switching the config option to a boolean would also solve the "enum in the types file" confusion. |
That makes sense! Should I change it to that then? |
Yeah, feel free. I'd like to do some more work on this, but I'm not sure when I'll get to it. |
- also adds a `ValidationError` that can be thrown by the validators
Done. |
Although now we have an |
ok, decorators are out, runCheck is back in. (although I renamed it to |
It just occurred to me that all of these checks are run per-request and can potentially log something on every single request. We might want to limit that. The ones here are probably fine to run on only the first request and none after. Maybe we should include the stack trace to make it stand out more if we limit it to one log, though. |
Ok, it now disables validations near the end of the first request, but logs a full stack trace if an issue is found. I did a bit of testing and realized that the X-Forwarded-For check didn't work because the default I also templatized the more info link part of the error message, since I initially forgot to update it when changing the error code. I think it needs a little more testing (both manual and automated), and then I think it will be good to ship. |
This looks great!! |
no need to include my own crazy regex when node.js includes a more readable one already: https://github.com/nodejs/node/blob/373848a457639a507a8d7edb467a028a89f83c3a/lib/internal/net.js#L13-L29
Ok, I think this is good to go, but lets wait a day or two to see if we want to do a point release with #361 first. I'm leaning towards that, but I'd really like to hear back that it resolves the issue first. |
Alright, I think we've waited long enough. I'm going to ship this. |
Thank you for this, we did in-fact discover config issues due to this PR :) |
This is a first stab at the validation checks I talked about in #356
There's more that I want to do, but wanted to get this bit up for now.