receiving inflated response with inflated setting set to false
DarioSiroki opened this issue · comments
I could be doing something wrong, I don't want you to solve my issue since I have found a workaround, but just to point out that I think I found a bug in library, here is working example:
Node:
npm i body-parser express corsconst bodyParser = require("body-parser");
const express = require("express");
const cors = require("cors");
const octetStreamParser = bodyParser.raw({
inflate: false,
type: "application/octet-stream",
limit: "200mb",
});
const app = express();
app.use(cors());
app.post("/api", octetStreamParser, (req, res) => {
console.log(req.body.buffer);
const bufferString = Buffer.from(req.body.buffer).toString();
console.log(bufferString);
res.json({ status: "success" });
});
app.listen(8081, () => {
console.log("Server", `Server is listening on port 8081`);
});Request:
curl 'http://localhost:8081/api' \
-H 'Connection: keep-alive' \
-H 'accept: */*' \
-H 'DNT: 1' \
-H 'accept-language: en-US,en;q=0.9,hr-HR;q=0.8,hr;q=0.7,es-US;q=0.6,es;q=0.5' \
-H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) snap Chromium/83.0.4103.106 Chrome/83.0.4103.106 Safari/537.36' \
-H 'content-type: application/octet-stream' \
-H 'Origin: chrome-search://local-ntp' \
-H 'Sec-Fetch-Site: cross-site' \
-H 'Sec-Fetch-Mode: cors' \
-H 'Sec-Fetch-Dest: empty' \
--data-binary $'[{"id":"NiDBzAiEWRHo6dsfw","classIndex…\u00020š\u0002points…\u0002[39,4§\u000241³\u00022³\u00023³\u00024³\u00025³\u00026³\u00027³\u00028³\u0002²\u00025§\u00025·\u00025¹\u00025»\u00025½\u00025¿\u00025Á\u00025Ã\u00025Å\u00025²\u00023Ì\u0002,Ü\u0002»\u0002Ü\u0002½\u0002Ü\u0002¿\u0002Ü\u0002Á\u0002Ü\u0002Ã\u0002Ü\u0002Å\u0002Ü\u0002Û\u00026§\u000236·\u0002ï\u0002¹\u0002ï\u0002à\u00026â\u00026ä\u00026æ\u00026è\u00026ê\u00026Û\u00027î\u00027ñ\u00027ó\u00027½\u0002ü\u0002¹\u0002ü\u0002»\u0002ü\u0002‰\u00037¿\u0002ü\u0002Á\u0002ü\u0002Ã\u0002ü\u0002Å\u0002ü\u0002²\u0002þ\u0002§\u0002þ\u0002·\u0002þ\u0002‹\u00038\u00038‰\u00038‘\u00038“\u00038•\u00038—\u00038™\u00039›\u00039\u00039¹\u00029ö\u0002,´\u0003¿\u0002´\u0003Á\u0002´\u0003Ã\u0002´\u0003Å\u0002´\u0003²\u00029‚\u0003¶\u0003„\u0003Ã\u0003³\u00037»\u0002Á\u0003½\u0002Á\u0003¸\u00037º\u00037¼\u00037¾\u00037²\u000212Ç\u0003,Õ\u0003ˆ\u0003Ø\u0003Ö\u0003¿\u0002Ù\u0003Á\u0002Ù\u0003Ã\u0002Ù\u0003Å\u0002Ù\u0003Ô\u000328§\u0002Õ\u00038·\u00021Ö\u0002»\u0002ì\u0003Ú\u0003ï\u0003Ý\u0003Ö\u0002ß\u0003Ö\u0002á\u0003Ö\u0002ã\u0003Ö\u0002Ô\u0003Ø\u0002è\u0003Ø\u0002ë\u0003Ø\u0002¹\u0002ì\u0003 \u0003Ø\u0003®\u0003ã\u0003®\u0003Ô\u0003°\u0003è\u0003°\u0003ë\u0003°\u0003€\u0004°\u0003î\u0003°\u0003½\u00021°\u00035]}]' \
--compressedAPI receives a response of 8192 bytes instead of 445 bytes and response is inflated with random code, this is the output:
https://pastebin.com/N0Wh6mMZ
It seems that any request that is smaller than 1-2k bytes gets inflated. This is my stackoverflow thread, I have found another workaround
Since req.body is a Node.js Buffer object, the .buffer property contains random memory, so you cannot use that to see the actual contents. https://nodejs.org/dist/latest-v14.x/docs/api/buffer.html#buffer_buf_buffer
buf.buffer#
The underlying ArrayBuffer object based on which this Buffer object is created.
This ArrayBuffer is not guaranteed to correspond exactly to the original Buffer. See the notes on buf.byteOffset for details.
You should just be looking at the req.body directly and not the underlying Buffer of the Buffer. You can always reach out to Node.js help if you need help with how to use Buffer objects on the Node.js platform: https://github.com/nodejs/help/issues
Here is a demo of that in the Node.js command line (not even using this module):
$ node -pe 'Buffer.allocUnsafe(445).buffer'
ArrayBuffer {
[Uint8Contents]: <00 e1 b7 c1 23 02 00 00 f0 a4 b8 c1 23 02 00 00 00 20 00 00 00 00 00 00 60 c0 2c c0 23 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff 0a 00 00 00 ff ff ff ff 33 00 00 00 ff ff ff ff 39 00 00 00 20 cc b4 c1 23 02 00 00 00 00 00 00 00 00 00 00 78 5a b7 c1 23 02 00 00 00 00 00 00 ... 8092 more bytes>,
byteLength: 8192
}
I have tried with req.body but I got the same result, retried now and it's good. Looks like I did something wrong, thanks for clarification!