versace Comments - Answer Overflow

versace

Posts Comments

ZZod

•Created by versace on 2/12/2025 in #questions

versace - hey!I am currently investigating wh...

thanks for your suggestions!

13 replies

ZZod

•Created by versace on 2/12/2025 in #questions

versace - hey!I am currently investigating wh...

we decided to go the route of just lower casing the whole header object that is retrieved from the request, it didn't seem like any other option had good code maintenance experience.

13 replies

ZZod

•Created by versace on 2/12/2025 in #questions

versace - hey!I am currently investigating wh...

interesting, the way it works for us today, is that we define the full object/schema of which headers exist, and then parse it as the first action in the request parsing flow.

const commonHeaders = {
  [Api.requestHeaders.cookie]: z.string().includes(Api.csrf.cookieName),
  [Api.csrf.headername]: z.string(),
};

// example usage
const headerSchema = z.object({
  ...commonHeaders,
  [Api.requestHeaders.authorization]: z.string(),
});

const commonHeaders = {
  [Api.requestHeaders.cookie]: z.string().includes(Api.csrf.cookieName),
  [Api.csrf.headername]: z.string(),
};

// example usage
const headerSchema = z.object({
  ...commonHeaders,
  [Api.requestHeaders.authorization]: z.string(),
});

the problem here is that the keys are by default sensitive inside of z.object, how would your solutions be applied here?

13 replies

Gaming

Programming