Enforce Validation on any request type

[baderkha]

Hey there , Thank you for providing this middleware , it's a blessing since i don't have to have to manually do it now. I forked it and modified abit for a project i'm working on .

I would only recommend that for the validation to not rely on the front end headers for the content type. as alot of times those aren't provided and as a result your validation logic will not work.

in this code block , theoretically we should just enforce validation on all 3 types of request types and headers types.

if ctLen > 1 && ctHdr == "application/json" {
            err := mw.HandleJson(c)
            if err != nil {
                return err
            }
        } else if ctHdr == "application/x-www-form-urlencoded" {
            err := mw.HandleXFormEncoded(c)
            if err != nil {
                return err
            }
        } else if strings.Contains(ctHdr, "multipart/form-data") {
            err := mw.HandleMultiPartFormData(c, ctHdr)
            if err != nil {
                return err
            }
        }

or an alternative solution if you think that makes it not elegant , is to enforce it route level , where we can specify which request typeValidator to use ie would look like this kind of.

var xssMdlwr middleware.XssMw
router.POST("",xssMdlwr.HeaderType('application/json'),controller.SomePostFunc)

this way we don't have to rely on the client passed header type.

[dvwright]

Hi @baderkha thanks for the suggestion. I haven't worked on this code for some time, so will have to get my head around it again when I get a chance, go with what seems right to you. Feel free to submit a PR and we can get this merged in, try to include a test if possible. Thanks (Sorry for the late reply.)