admin管理员组

文章数量:1123031

This is on a web app which is built using MEAN stack. Node version 20.18; Ubuntu 22.04; Angular 17.x (the dist file is served from within the Node project.)

When the web-app URL is visited. It throws the error. Detailed error is given further below and also the screenshot.

TypeError: Cannot assign to read only property 'query' of object '#<IncomingMessage>'
    at /root/cops/node_modules/express-mongo-sanitize/index.js:113:18

If I comment out the mongoSanitize part in app.js below, the error disappears.

The same code is running on another VPS, with same env and there this error is not thrown. I am unable to figure out the cause of this error.

Extract of app.js

const path = require("path")
const mongoose = require('mongoose');
const express = require('express');
const bodyparser = require('body-parser');
const cookieParser = require('cookie-parser');
const crypto = require('crypto');

const { xss } = require('express-xss-sanitizer');
const helmet = require('helmet');
const mongoSanitize = require('express-mongo-sanitize');

const config = require('./config/config');
const morgan = require('./config/morgan');
const logger = require('./config/logger');
const ApiError = require('./helpers/ApiError');
const { errorHandlerNew, errorConvertor } = require('./middleware/errors');
const app = express();

app.use(morgan.successLogHandler);
app.use(morgan.errorLogHandler);

const connectStr = config.dbConnection + config.dbName;
mongoose.connect(connectStr, mongooseOpts)
  .then(() => {
    logger.info('Connected to database');
  })
  .catch((err) => {
    logger.error('Database connection failed with error: ' + err);
  });

app.use(bodyparser.json());
app.use(bodyparser.urlencoded({extended: false}));
app.use(cookieParser());

app.use(xss());
// app.use(mongoSanitize());   /// WHEN ENABLED GIVES ERROR

app.use("/", express.static(path.join(__dirname, "angular")));

const myCors = {
  origin: ["http://localhost:4200","http://localhost:5200", ...],
  default: "http://localhost:4200"
}

app.use((req, res, next) => {
  // logger.info('app.js req.headers.origin: ' + req.headers.origin);
  let reqHeadersOrigin = '';
  if(req.headers.origin) reqHeadersOrigin = req.headers.origin.toLowerCase();
  const origin = myCors.origin.includes(reqHeadersOrigin) ? req.headers.origin : myCors.default;
  res.setHeader('Access-Control-Allow-Origin', origin);
  res.setHeader("Access-Control-Allow-Credentials", true);
  res.setHeader(
  'Access-Control-Allow-Headers',
  'Origin, X-Requested-With, Content-Type, Accept, Authorization, x-client-key, x-client-token, x-client-secret');

  res.setHeader(
  'Access-Control-Allow-Methods',
  'GET, POST, PUT, PATCH, DELETE, OPTIONS')

  if (req.method === 'OPTIONS') {
    return res.status(200).end();
  }

  next();
});

app.use((req, res, next) => {
  res.sendFile(path.join(__dirname, "angular", "index.html"));
});

ERROR on loading the portal

10 Jan 2025, 10:47:06 pm: error: TypeError: Cannot assign to read only property 'query' of object '#<IncomingMessage>'
    at /root/cops/node_modules/express-mongo-sanitize/index.js:113:18
    at Array.forEach (<anonymous>)
    at /root/cops/node_modules/express-mongo-sanitize/index.js:110:44
    at Layer.handle [as handle_request] (/root/cops/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/root/cops/node_modules/express/lib/router/index.js:328:13)
    at /root/cops/node_modules/express/lib/router/index.js:286:9
    at Function.process_params (/root/cops/node_modules/express/lib/router/index.js:346:12)
    at next (/root/cops/node_modules/express/lib/router/index.js:280:10)
    at /root/cops/node_modules/express-xss-sanitizer/index.js:19:5
    at Layer.handle [as handle_request] (/root/cops/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/root/cops/node_modules/express/lib/router/index.js:328:13)
    at /root/cops/node_modules/express/lib/router/index.js:286:9
    at Function.process_params (/root/cops/node_modules/express/lib/router/index.js:346:12)
    at next (/root/cops/node_modules/express/lib/router/index.js:280:10)
    at cookieParser (/root/cops/node_modules/cookie-parser/index.js:57:14)
    at Layer.handle [as handle_request] (/root/cops/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/root/cops/node_modules/express/lib/router/index.js:328:13)
    at /root/cops/node_modules/express/lib/router/index.js:286:9
    at Function.process_params (/root/cops/node_modules/express/lib/router/index.js:346:12)
    at next (/root/cops/node_modules/express/lib/router/index.js:280:10)
    at urlencodedParser (/root/cops/node_modules/body-parser/lib/types/urlencoded.js:94:7)
    at Layer.handle [as handle_request] (/root/cops/node_modules/express/lib/router/layer.js:95:5)

本文标签:

版权声明:本文标题:node.js - express-mongo-sanitize - Cannot assign to read only property &#39;query&#39; of object &#39;#&lt;Incom 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1736544674a1944431.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。