Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

doc: expand req.query change documentation #1127

Merged
merged 1 commit into from
Apr 14, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion _includes/api/en/4x/req-query.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<h3 id='req.query'>req.query</h3>

This property is an object containing a property for each query string parameter in the route.
If there is no query string, it is the empty object, `{}`.
When [query parser](#app.settings.table) is set to disabled, it is an empty object `{}`, otherwise it is the result of the configured query parser.

<div class="doc-box doc-warn" markdown="1">
As `req.query`'s shape is based on user-controlled input, all properties and values in this object are untrusted and should be validated before trusting. For example, `req.query.foo.toString()` may fail in multiple ways, for example `foo` may not be there or may not be a string, and `toString` may not be a function and instead a string or other user-input.
Expand Down
2 changes: 1 addition & 1 deletion _includes/api/en/5x/req-query.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<h3 id='req.query'>req.query</h3>

This property is an object containing a property for each query string parameter in the route.
If there is no query string, it is the empty object, `{}`.
When [query parser](#app.settings.table) is set to disabled, it is an empty object `{}`, otherwise it is the result of the configured query parser.

<div class="doc-box doc-warn" markdown="1">
As `req.query`'s shape is based on user-controlled input, all properties and values in this object are untrusted and should be validated before trusting. For example, `req.query.foo.toString()` may fail in multiple ways, for example `foo` may not be there or may not be a string, and `toString` may not be a function and instead a string or other user-input.
Expand Down