From 6868ef044b9617ad73892a6eb4636595dd0f636a Mon Sep 17 00:00:00 2001 From: Dave Conway-Jones Date: Sun, 28 Aug 2016 12:02:30 +0100 Subject: [PATCH] Allow http middleware to skip rawBodyParser --- nodes/core/io/21-httpin.js | 5 ++--- settings.js | 11 ++++++++--- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/nodes/core/io/21-httpin.js b/nodes/core/io/21-httpin.js index 22e3133ef..cbbc1875e 100644 --- a/nodes/core/io/21-httpin.js +++ b/nodes/core/io/21-httpin.js @@ -27,6 +27,7 @@ module.exports = function(RED) { var isUtf8 = require('is-utf8'); function rawBodyParser(req, res, next) { + if (req.skipRawBodyParser) { next(); } // don't parse this if told to skip if (req._body) { return next(); } req.body = ""; req._body = true; @@ -55,7 +56,6 @@ module.exports = function(RED) { if (!isText && checkUTF && isUtf8(buf)) { buf = buf.toString() } - req.body = buf; next(); }); @@ -204,7 +204,6 @@ module.exports = function(RED) { } var metricsHandler = function(req,res,next) { next(); } - if (this.metric()) { metricsHandler = function(req, res, next) { var startAt = process.hrtime(); @@ -267,7 +266,7 @@ module.exports = function(RED) { } else { msg.res._res.clearCookie(name); } - } else if (typeof msg.cookies[name] === 'object') { + } else if (typeof msg.cookies[name] === 'object') { msg.res._res.cookie(name,msg.cookies[name].value,msg.cookies[name]); } else { msg.res._res.cookie(name,msg.cookies[name]); diff --git a/settings.js b/settings.js index 5ec7fcef0..5b7812022 100644 --- a/settings.js +++ b/settings.js @@ -82,6 +82,10 @@ module.exports = { // that should be served at http://localhost:1880/. //httpStatic: '/home/nol/node-red-static/', + // If you installed the optional node-red-dashboard you can set it's path + // relative to httpRoot + //ui: { path: "ui" }, + // Securing Node-RED // ----------------- // To password protect the Node-RED editor and admin API, the following @@ -138,9 +142,10 @@ module.exports = { // in front of all http in nodes. This allows custom authentication to be // applied to all http in nodes, or any other sort of common request processing. //httpNodeMiddleware: function(req,res,next) { - // // Handle/reject the request, or pass it on to the http in node - // // by calling next(); - // next(); + // // Handle/reject the request, or pass it on to the http in node by calling next(); + // // Optionally skip our rawBodyParser by setting this to true; + // //req.skipRawBodyParser = true; + // next(); //}, // Anything in this hash is globally available to all functions.