MCPcopy
hub / github.com/directus/directus / sanitizeQueryMiddleware

Function sanitizeQueryMiddleware

api/src/middleware/sanitize-query.ts:10–38  ·  view source on GitHub ↗
(req, _res, next)

Source from the content-addressed store, hash-verified

8import { validateQuery } from '../utils/validate-query.js';
9
10const sanitizeQueryMiddleware: RequestHandler = async (req, _res, next) => {
11 req.sanitizedQuery = {};
12 if (!req.query) return;
13
14 // Skip sanitization and validation if query is empty
15 if (Object.keys(req.query).length === 0) {
16 Object.freeze(req.sanitizedQuery);
17 return next();
18 }
19
20 try {
21 req.sanitizedQuery = await sanitizeQuery(
22 {
23 fields: req.query['fields'] || '*',
24 ...req.query,
25 },
26 req.schema,
27 req.accountability || null,
28 );
29
30 Object.freeze(req.sanitizedQuery);
31
32 validateQuery(req.sanitizedQuery);
33 } catch (error) {
34 return next(error);
35 }
36
37 return next();
38};
39
40export default sanitizeQueryMiddleware;

Callers

nothing calls this directly

Calls 2

sanitizeQueryFunction · 0.85
validateQueryFunction · 0.50

Tested by

no test coverage detected