/
RequestValidator.js
90 lines (70 loc) · 2.53 KB
/
RequestValidator.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
'use strict';
/**
* @fileOverview
* Centralize all header validation in one place.
*
* @author Ben Stahl <bhstahl@gmail.com>
*/
const CONSTANTS = require('../constants');
class RequestValidator {
// All PATCH requests MUST include a Upload-Offset header
static _invalidUploadOffsetHeader(value) {
return isNaN(value) || parseInt(value, 10) < 0;
}
// The value MUST be a non-negative integer.
static _invalidUploadLengthHeader(value) {
return isNaN(value) || parseInt(value, 10) < 0;
}
// The Upload-Defer-Length value MUST be 1.
static _invalidUploadDeferLengthHeader(value) {
return isNaN(value) || parseInt(value, 10) !== 1;
}
// The Upload-Metadata request and response header MUST consist of one
// or more comma-separated key-value pairs. The key and value MUST be
// separated by a space. The key MUST NOT contain spaces and commas and
// MUST NOT be empty. The key SHOULD be ASCII encoded and the value MUST
// be Base64 encoded. All keys MUST be unique.
static _invalidUploadMetadataHeader(value) {
const keypairs = value.split(',')
.map((keypair) => keypair.trim());
return keypairs.some((keypair) => keypair.split(' ').length !== 2);
}
static _invalidXRequestedWithHeader() {
return false;
}
static _invalidTusVersionHeader(value) {
return CONSTANTS.TUS_VERSION.indexOf(value) === -1;
}
static _invalidTusResumableHeader(value) {
return value !== CONSTANTS.TUS_RESUMABLE;
}
static _invalidTusExtensionHeader(value) {
return false;
}
static _invalidTusMaxSizeHeader() {
return false;
}
static _invalidXHttpMethodOverrideHeader() {
return false;
}
// All PATCH requests MUST use Content-Type: application/offset+octet-stream.
static _invalidContentTypeHeader(value) {
return value !== 'application/offset+octet-stream';
}
static _invalidAuthorizationHeader() {
return false;
}
static capitalizeHeader(header_name) {
return header_name.replace(/\b[a-z]/g, function() {
return arguments[0].toUpperCase();
}).replace(/-/g, '');
}
static isInvalidHeader(header_name, header_value) {
if (CONSTANTS.HEADERS_LOWERCASE.indexOf(header_name) === -1) {
return false;
}
const method = `_invalid${this.capitalizeHeader(header_name)}Header`;
return this[method](header_value);
}
}
module.exports = RequestValidator;