在接收和解析请求主体之前，如何检查POST请求标头？

Question

When a POST request is received, is there any way to check its headers, before receiving the request body and parsing it?

Imagine you have very large incoming POST requests (~25MB) and you need to decide whether to process them or discard them based on their headers' content.

To spare bandwith, memory, cpu, and time it would be much better if it could be possible to have this flow:

1. The POST request hits the server.
2. The server only receives it up to the headers content, and then holds the transmission on standby.
3. The server checks the headers and decides what to do.
4. If the headers are ok it proceeds receiving the request and parses the body, otherwise it closes the connection and sends a 401 reply.

Is this possible at all? If so, what is a good way to do it in Koa ?

Thanks!

Answer 1

You can't check the headers before "receiving" the body. If you wanted to do something like that, you'd need create a custom function that reads bytes from a socket, and parses only the headers, and closes the connection in case of certain logic, which is probably more work than you're willing to do.

What you CAN do, is create a middleware function that reads the headers and then either a) continues on to the next middleware or b) ends the request. You can then make it so that this middleware is executed BEFORE the body parsing middleware (if you're using something like koa-body). This way, although the body is already "received", the request is sent before the body is even parsed.

It's pretty easy to implement something like this, and there are plenty of guides outlining the process for creating and registering new middleware. If you do not already know how to do it, I suggest starting here .

EDIT: If you're doing file uploads and you're using multipart then it should be not a problem to check the headers using a middleware function and send a 401. That will terminate the connection and the file upload, as long as you do it before you start parsing the upload.