When querying an invalid column name the JSON response is missing the last curly brace only when the store is instantiated for the session. If session store is not used this issue does not present. This occurs only with bad requests (400).
with store:
{ "message": "Bad Request"
without store:
{ "message": "Bad Request" }
Similar issue here. The workaround posited does fix the problem, but I'm unsure why implementing the store causes the workaround to be necessary.
Express/Session are most recent version as of this post.
Code:
const bodyParser = require('body-parser');
const fs = require('fs');
const https = require('https');
const app = express();
const session = require('express-session');
const MySQLStore = require('express-mysql-session')(session);
const { serverError } = require('./utils/response');
const { log } = require('./utils');
const prototypes = require('./utils/prototypes');
const db = require('./utils/db/mysql');
db.connect();
const mysqlConn = db.pool;
const storeOptions = {
host: process.env.DB_HOST,
port: process.env.DB_PORT,
user: process.env.DB_USER,
password: process.env.DB_PASSWORD,
database: process.env.DB_DATABASE,
};
const sessionStore = new MySQLStore(storeOptions, mysqlConn);
// load all prototypes on initial startup
for (const func of Object.values(prototypes)) {
func();
}
// Tell express to use these middleware functions for every request
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
extended: false,
}));
let useSecure = true;
if (process.env.SECURE) {
useSecure = process.env.SECURE === 'true';
}
app.use(session({
secret: process.env.SESSION_SECRET,
resave: false,
saveUninitialized: false,
rolling: true,
store: sessionStore, // Commenting out this line fixes the bad request issue but does not instantiate store
cookie: {
sameSite: 'lax',
secure: !!process.env.SECURE_CONTEXT,
// 24 minutes - should use env variable
maxAge: parseInt(process.env.SESSION_LENGTH, 10) || 1440000,
},
}));
@chill117 here is a repository where you can verify that this issue presents somewhere between express-mysql-session and express-session which has to do with a content length mismatch resulting in the broken response.
When querying an invalid column name the JSON response is missing the last curly brace only when the store is instantiated for the session. If session store is not used this issue does not present. This occurs only with bad requests (400).
with store:
{ "message": "Bad Request"
without store:
{ "message": "Bad Request" }
Similar issue here. The workaround posited does fix the problem, but I'm unsure why implementing the store causes the workaround to be necessary.
Express/Session are most recent version as of this post.
Code: