How do I set the bodyParser upload limit to specific routes rather than globally in the middleware?
Here's an example (Express 3) middleware setup thats worked for me globally:
app.configure(function () {
app.use(express.static(__dirname + "/public"));
app.use(express.bodyParser({
keepExtensions: true,
limit: 10000000, // set 10MB limit
defer: true
}));
//... more config stuff
}
For security reasons, I don't want to allow 500GB+ posts on routes other than /upload, so I'm trying to figure out how to specify the limit on specific routes, rather than globally in the middleware.
I know the multipart middleware in bodyParser() already sniffs out content types, but I want to limit it even further.
This does not seem to work in express 3:
app.use('/', express.bodyParser({
keepExtensions: true,
limit: 1024 * 1024 * 10,
defer: true
}));
app.use('/upload', express.bodyParser({
keepExtensions: true,
limit: 1024 * 1024 * 1024 * 500,
defer: true
}));
I get an error Error: Request Entity Too Large when I try to upload a 3MB file on the upload URL.
How do you do this correctly?
Answer
Actually as suggested by hexacyanide above, app.use() works on limiting single route.
The problem comes from the ordering of route paths.
Going to example above, if you put '/upload' first, then the bodyParser should match that rule first.
So put the code like so (I am using Express 4.0 +):
app.use("/PATH_WITH_LIMIT", bodyParser({
limit: 1024 * 1000
}));
app.use("/",bodyParser());
You can see how express binds the middleware on app.use() method call here.