Skip to content


Repository files navigation


File type validation for hapi raw temporary file multipart/form-data request payloads.

Like most modern magicians, builds on the work, knowledge and influence of others before it, in this case, fischbacher.

NPM Version Build Status Coverage Status Dependencies Dev Dependencies

Table of Contents


Install via NPM.

$ npm install coutts


Register the package as a server plugin to enable validation for each route that does not parse — parse: false — into a temporary file, the request payload — output: 'file'. For every other route with a different configuration, the validation is skipped.

If the validation fails, a joi-like 400 Bad Request error is returned alongside an additional content-validation: failure response header. If everything is ok, the response will ultimately contain a content-validation: success header.

Also, if the Content-Type request header is not multipart/form-data, a 415 Unsupported Media Type error is returned, but in this case, without any additional response header.


const Hapi = require('hapi');
const Coutts = require('coutts');

try {
    const server = new Hapi.Server();

        options: {
            payload: {
                output: 'file',
                parse: false
            // go nuts

    await server.register({
        plugin: Coutts,
        options: {
            // Allow png files only
            whitelist: ['image/png']

    await server.start();
catch (err) {
    throw err;

Supported File Types

The same as file-type.