File type validation for hapi raw in-memory request payloads
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


File type validation for hapi raw in-memory multipart/form-data request payloads.

Like most modern magicians, builds on the work, knowledge and influence of others before it, in this case, copperfield.

NPM Version Build Status Coverage Status Dependencies Dev Dependencies

Table of Contents


Install via NPM.

$ npm install blaine


Register the package as a server plugin to enable validation for each route that does not parse — parse: false — into memory, the request payload — output: 'data'. For every other route with a different configuration, the validation is skipped.

If the validation fails, a joi-like 400 Bad Request error is returned alongside an additional content-validation: failure response header. If everything is ok, the response will ultimately contain a content-validation: success header.

Also, if the Content-Type request header is not multipart/form-data, a 415 Unsupported Media Type error is returned, but in this case, without any additional response header.


const Hapi = require('hapi');
const Blaine = require('blaine');

try {
    const server = new Hapi.Server();

    await server.register({
        plugin: Blaine,
        options: {
            // Allow png files only
            whitelist: ['image/png']

        // go nuts
        options: {
            payload: {
                output: 'data',
                parse: false
            // go nuts

    await server.start();
catch (err) {
    throw err;

Supported File Types

The same as file-type.