NodeJS 如何使用安全和快速模式验证和序列化?

pokxtpni  于 2023-04-29  发布在  Node.js
关注(0)|答案(1)|浏览(103)

我正在学习fastify,我学习了验证模式。如果我去fastify文档验证,我看到了这个:

Treat the schema definition as application code. Validation and serialization features dynamically evaluate code with new Function(), which is not safe to use with user-provided schemas. See Ajv and fast-json-stringify for more details.

Moreover, the $async Ajv feature should not be used as part of the first validation strategy. This option is used to access Databases and reading them during the validation process may lead to Denial of Service Attacks to your application. If you need to run async tasks, use Fastify's hooks instead after validation completes, such as preHandler.

那么,我现在应该使用ajv或fast-json-stringify哪一种,以及如何在我的模式中使用它?
我学到了:

schema: {
    response: {
      200: {
        type: 'array',
        items: {
          type: 'object',
          properties: {
            name: { type: 'string' },
            age: { type: 'number' }
          }
        }
      }
    }
  }

还有这个

fastify.addSchema({
    $id: "createUseSchema",
    type: "object",
    required: ["name"],
    properties: {
      name: {
        type: "string",
      },
    },
  });

但是我应该使用哪个库来实现安全和快速的JSON呢?

相关问题