5 var accepts = require('accepts');
6 var deprecate = require('depd')('express');
7 var isIP = require('net').isIP;
8 var typeis = require('type-is');
9 var http = require('http');
10 var fresh = require('fresh');
11 var parseRange = require('range-parser');
12 var parse = require('parseurl');
13 var proxyaddr = require('proxy-addr');
19 var req = exports = module.exports = {
20 __proto__: http.IncomingMessage.prototype
24 * Return request header.
26 * The `Referrer` header field is special-cased,
27 * both `Referrer` and `Referer` are interchangeable.
31 * req.get('Content-Type');
34 * req.get('content-type');
37 * req.get('Something');
40 * Aliased as `req.header()`.
42 * @param {String} name
48 req.header = function(name){
49 switch (name = name.toLowerCase()) {
52 return this.headers.referrer
53 || this.headers.referer;
55 return this.headers[name];
62 * Check if the given `type(s)` is acceptable, returning
63 * the best match when true, otherwise `undefined`, in which
64 * case you should respond with 406 "Not Acceptable".
66 * The `type` value may be a single mime type string
67 * such as "application/json", the extension name
68 * such as "json", a comma-delimted list such as "json, html, text/plain",
69 * an argument list such as `"json", "html", "text/plain"`,
70 * or an array `["json", "html", "text/plain"]`. When a list
71 * or array is given the _best_ match, if any is returned.
75 * // Accept: text/html
76 * req.accepts('html');
79 * // Accept: text/*, application/json
80 * req.accepts('html');
82 * req.accepts('text/html');
84 * req.accepts('json, text');
86 * req.accepts('application/json');
87 * // => "application/json"
89 * // Accept: text/*, application/json
90 * req.accepts('image/png');
94 * // Accept: text/*;q=.5, application/json
95 * req.accepts(['html', 'json']);
96 * req.accepts('html', 'json');
97 * req.accepts('html, json');
100 * @param {String|Array} type(s)
105 req.accepts = function(){
106 var accept = accepts(this);
107 return accept.types.apply(accept, arguments);
111 * Check if the given `encoding`s are accepted.
113 * @param {String} ...encoding
118 req.acceptsEncodings = function(){
119 var accept = accepts(this);
120 return accept.encodings.apply(accept, arguments);
123 req.acceptsEncoding = deprecate.function(req.acceptsEncodings,
124 'req.acceptsEncoding: Use acceptsEncodings instead');
127 * Check if the given `charset`s are acceptable,
128 * otherwise you should respond with 406 "Not Acceptable".
130 * @param {String} ...charset
135 req.acceptsCharsets = function(){
136 var accept = accepts(this);
137 return accept.charsets.apply(accept, arguments);
140 req.acceptsCharset = deprecate.function(req.acceptsCharsets,
141 'req.acceptsCharset: Use acceptsCharsets instead');
144 * Check if the given `lang`s are acceptable,
145 * otherwise you should respond with 406 "Not Acceptable".
147 * @param {String} ...lang
152 req.acceptsLanguages = function(){
153 var accept = accepts(this);
154 return accept.languages.apply(accept, arguments);
157 req.acceptsLanguage = deprecate.function(req.acceptsLanguages,
158 'req.acceptsLanguage: Use acceptsLanguages instead');
161 * Parse Range header field,
162 * capping to the given `size`.
164 * Unspecified ranges such as "0-" require
165 * knowledge of your resource length. In
166 * the case of a byte range this is of course
167 * the total number of bytes. If the Range
168 * header field is not given `null` is returned,
169 * `-1` when unsatisfiable, `-2` when syntactically invalid.
171 * NOTE: remember that ranges are inclusive, so
172 * for example "Range: users=0-3" should respond
173 * with 4 users when available, not 3.
175 * @param {Number} size
180 req.range = function(size){
181 var range = this.get('Range');
183 return parseRange(size, range);
187 * Return the value of param `name` when present or `defaultValue`.
189 * - Checks route placeholders, ex: _/user/:id_
190 * - Checks body params, ex: id=12, {"id":12}
191 * - Checks query string params, ex: ?id=12
193 * To utilize request bodies, `req.body`
194 * should be an object. This can be done by using
195 * the `bodyParser()` middleware.
197 * @param {String} name
198 * @param {Mixed} [defaultValue]
203 req.param = function param(name, defaultValue) {
204 var params = this.params || {};
205 var body = this.body || {};
206 var query = this.query || {};
208 var args = arguments.length === 1
211 deprecate('req.param(' + args + '): Use req.params, req.body, or req.query instead');
213 if (null != params[name] && params.hasOwnProperty(name)) return params[name];
214 if (null != body[name]) return body[name];
215 if (null != query[name]) return query[name];
221 * Check if the incoming request contains the "Content-Type"
222 * header field, and it contains the give mime `type`.
226 * // With Content-Type: text/html; charset=utf-8
228 * req.is('text/html');
232 * // When Content-Type is application/json
234 * req.is('application/json');
235 * req.is('application/*');
241 * @param {String} type
246 req.is = function(types){
247 if (!Array.isArray(types)) types = [].slice.call(arguments);
248 return typeis(this, types);
252 * Return the protocol string "http" or "https"
253 * when requested with TLS. When the "trust proxy"
254 * setting trusts the socket address, the
255 * "X-Forwarded-Proto" header field will be trusted
256 * and used if present.
258 * If you're running behind a reverse proxy that
259 * supplies https for you this may be enabled.
265 defineGetter(req, 'protocol', function protocol(){
266 var proto = this.connection.encrypted
269 var trust = this.app.get('trust proxy fn');
271 if (!trust(this.connection.remoteAddress)) {
275 // Note: X-Forwarded-Proto is normally only ever a
276 // single value, but this is to be safe.
277 proto = this.get('X-Forwarded-Proto') || proto;
278 return proto.split(/\s*,\s*/)[0];
284 * req.protocol == 'https'
290 defineGetter(req, 'secure', function secure(){
291 return 'https' == this.protocol;
295 * Return the remote address from the trusted proxy.
297 * The is the remote address on the socket unless
298 * "trust proxy" is set.
304 defineGetter(req, 'ip', function ip(){
305 var trust = this.app.get('trust proxy fn');
306 return proxyaddr(this, trust);
310 * When "trust proxy" is set, trusted proxy addresses + client.
312 * For example if the value were "client, proxy1, proxy2"
313 * you would receive the array `["client", "proxy1", "proxy2"]`
314 * where "proxy2" is the furthest down-stream and "proxy1" and
315 * "proxy2" were trusted.
321 defineGetter(req, 'ips', function ips() {
322 var trust = this.app.get('trust proxy fn');
323 var addrs = proxyaddr.all(this, trust);
324 return addrs.slice(1).reverse();
328 * Return subdomains as an array.
330 * Subdomains are the dot-separated parts of the host before the main domain of
331 * the app. By default, the domain of the app is assumed to be the last two
332 * parts of the host. This can be changed by setting "subdomain offset".
334 * For example, if the domain is "tobi.ferrets.example.com":
335 * If "subdomain offset" is not set, req.subdomains is `["ferrets", "tobi"]`.
336 * If "subdomain offset" is 3, req.subdomains is `["tobi"]`.
342 defineGetter(req, 'subdomains', function subdomains() {
343 var hostname = this.hostname;
345 if (!hostname) return [];
347 var offset = this.app.get('subdomain offset');
348 var subdomains = !isIP(hostname)
349 ? hostname.split('.').reverse()
352 return subdomains.slice(offset);
356 * Short-hand for `url.parse(req.url).pathname`.
362 defineGetter(req, 'path', function path() {
363 return parse(this).pathname;
367 * Parse the "Host" header field to a hostname.
369 * When the "trust proxy" setting trusts the socket
370 * address, the "X-Forwarded-Host" header field will
377 defineGetter(req, 'hostname', function hostname(){
378 var trust = this.app.get('trust proxy fn');
379 var host = this.get('X-Forwarded-Host');
381 if (!host || !trust(this.connection.remoteAddress)) {
382 host = this.get('Host');
387 // IPv6 literal support
388 var offset = host[0] === '['
389 ? host.indexOf(']') + 1
391 var index = host.indexOf(':', offset);
394 ? host.substring(0, index)
398 // TODO: change req.host to return host in next major
400 defineGetter(req, 'host', deprecate.function(function host(){
401 return this.hostname;
402 }, 'req.host: Use req.hostname instead'));
405 * Check if the request is fresh, aka
406 * Last-Modified and/or the ETag
413 defineGetter(req, 'fresh', function(){
414 var method = this.method;
415 var s = this.res.statusCode;
417 // GET or HEAD for weak freshness validation only
418 if ('GET' != method && 'HEAD' != method) return false;
420 // 2xx or 304 as per rfc2616 14.26
421 if ((s >= 200 && s < 300) || 304 == s) {
422 return fresh(this.headers, (this.res._headers || {}));
429 * Check if the request is stale, aka
430 * "Last-Modified" and / or the "ETag" for the
431 * resource has changed.
437 defineGetter(req, 'stale', function stale(){
442 * Check if the request was an _XMLHttpRequest_.
448 defineGetter(req, 'xhr', function xhr(){
449 var val = this.get('X-Requested-With') || '';
450 return 'xmlhttprequest' == val.toLowerCase();
454 * Helper function for creating a getter on an object.
456 * @param {Object} obj
457 * @param {String} name
458 * @param {Function} getter
461 function defineGetter(obj, name, getter) {
462 Object.defineProperty(obj, name, {