Validate Keys passed as body/query paramters?

[yousufmj]

Hi, Is there a way to validate the keys used in requests? we can validate the values that are passed in but i want to ensure only certain keys are used. similar to issue #266

eg post request could be
/user/create
{ "name": "john", "answer": "yes", "notValid": "Im not a valid key" }

is there a way to either use schema or check to ensure only certain keys are used;
possible schema example;
checkSchema({ name: { in: 'param', optional: true }, answer: { in: 'param', optional: true } )

if any other parameters that are not stated in the schema to throw an error to say not valid options. similar to how jsonschema module works

[gustavohenke]

So, as mentioned in the original issue, nowadays we have wildcards (unlike at the time of opening of that issue), which make this feature a lot more complicated to implement.

Imagine a selector like foo.*.bar; it would need to find all siblings of foo and bar, and reject them; so { foo: [{ bar: 1, baz: 2 }], qux: true } would reject foo[0].baz and qux.

It certainly is possible, just is very complex to solve properly.

[gustavohenke]

Hi hi, https://github.com/express-validator/express-validator/releases/tag/v7.0.0 is out with a fix 🙂