From d0127f29e6ca3981cb33c4668f5c3a87e6900980 Mon Sep 17 00:00:00 2001 From: krzysdz Date: Mon, 27 Apr 2026 14:31:01 +0200 Subject: [PATCH 01/16] ci: exclude LinkedIn sharing links from link checker --- .lycheeignore | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.lycheeignore b/.lycheeignore index 29bed0cc5d..13197a39ab 100644 --- a/.lycheeignore +++ b/.lycheeignore @@ -1,5 +1,4 @@ # Prevent rate limit for npmjs links - http://npmjs.com/.* https://npmjs.com/.* https://www.npmjs.com/.* @@ -19,10 +18,11 @@ https://opencollective.com/.* # Prevent netlify rate limit https://www.netlify.com/ -## Ignore temporaly sitemap +# Ignore temporarily sitemap https://expressjs.com/sitemap-index.xml # Ignore Coveralls links - https://coveralls.io/-* +# Prevent LinkedIn rate limit +https://www.linkedin.com/sharing/share-offsite/.* From 8109e7568ecc5ff6fd16ec7d1ff6a987594a2004 Mon Sep 17 00:00:00 2001 From: krzysdz Date: Tue, 19 May 2026 00:51:29 +0200 Subject: [PATCH 02/16] ci(link checker): ignore Slack invite 403 --- .lycheeignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.lycheeignore b/.lycheeignore index 13197a39ab..297e061773 100644 --- a/.lycheeignore +++ b/.lycheeignore @@ -26,3 +26,6 @@ https://coveralls.io/-* # Prevent LinkedIn rate limit https://www.linkedin.com/sharing/share-offsite/.* + +# Ignore slack invite 403 (this will cause us to miss link invite expiration too) +https://slack-invite.openjsf.org/ From 59146f4aafe8dfc192cc3c2aa801b3be2c48e1ab Mon Sep 17 00:00:00 2001 From: krzysdz Date: Tue, 19 May 2026 00:52:53 +0200 Subject: [PATCH 03/16] ci(link checker): don't ignore sitemap --- .lycheeignore | 3 --- 1 file changed, 3 deletions(-) diff --git a/.lycheeignore b/.lycheeignore index 297e061773..ade1f4dc40 100644 --- a/.lycheeignore +++ b/.lycheeignore @@ -18,9 +18,6 @@ https://opencollective.com/.* # Prevent netlify rate limit https://www.netlify.com/ -# Ignore temporarily sitemap -https://expressjs.com/sitemap-index.xml - # Ignore Coveralls links https://coveralls.io/-* From 2535e007d31315f2cfb589bd3540470f4ba07ee3 Mon Sep 17 00:00:00 2001 From: krzysdz Date: Tue, 19 May 2026 16:48:16 +0200 Subject: [PATCH 04/16] Update internal links and anchors in API docs Internal links have been changed to relative URLs. This should help with redirecting to translated pages (the URL won't have to be localized) and keeping the right version. Anchors that point to headers that are localized will have to be changed. --- src/content/api/3x/api/request/index.mdx | 4 +- src/content/api/3x/api/response/index.mdx | 8 +- src/content/api/4x/api/application/index.mdx | 46 ++++++------ src/content/api/4x/api/express/index.mdx | 22 +++--- src/content/api/4x/api/request/index.mdx | 30 ++++---- src/content/api/4x/api/response/index.mdx | 20 ++--- src/content/api/4x/api/router/index.mdx | 8 +- src/content/api/5x/api/application/index.mdx | 79 ++++++++++---------- src/content/api/5x/api/express/index.mdx | 22 +++--- src/content/api/5x/api/request/index.mdx | 36 ++++----- src/content/api/5x/api/response/index.mdx | 16 ++-- src/content/api/5x/api/router/index.mdx | 8 +- 12 files changed, 150 insertions(+), 149 deletions(-) diff --git a/src/content/api/3x/api/request/index.mdx b/src/content/api/3x/api/request/index.mdx index b7273035e2..25b7473dfa 100644 --- a/src/content/api/3x/api/request/index.mdx +++ b/src/content/api/3x/api/request/index.mdx @@ -164,7 +164,7 @@ where "proxy2" is the furthest down-stream. This property is much like `req.url`, however it retains the original request url, allowing you to rewrite `req.url` freely for internal routing purposes. For example the "mounting" feature -of app.use() will rewrite `req.url` to +of [app.use()](../application/#appusepath-function) will rewrite `req.url` to strip the mount point. ```js @@ -243,7 +243,7 @@ console.dir(req.query.shoe.type); ### req.res -This property holds a reference to the response object +This property holds a reference to the [response object](../response/) that relates to this request object. ### req.route diff --git a/src/content/api/3x/api/response/index.mdx b/src/content/api/3x/api/response/index.mdx index f488de7412..c2a7b6d54e 100644 --- a/src/content/api/3x/api/response/index.mdx +++ b/src/content/api/3x/api/response/index.mdx @@ -24,7 +24,7 @@ res.send('

some html

'); Response local variables are scoped to the request, thus only available to the view(s) rendered during that request / response -cycle, if any. Otherwise this API is identical to app.locals. +cycle, if any. Otherwise this API is identical to [app.locals](../application/#applocals). This object is useful for exposing request-level information such as the request pathname, authenticated user, user settings etcetera. @@ -39,7 +39,7 @@ app.use(function (req, res, next) { ### res.req -This property holds a reference to the request object +This property holds a reference to the [request object](../request/) that relates to this response object. ## Methods @@ -106,7 +106,7 @@ to sign the value. res.cookie('name', 'tobi', { signed: true }); ``` -Later you may access this value through the req.signedCookie +Later you may access this value through the [req.signedCookie](../request/#reqsignedcookies) object. ### res.download(path, [filename], [fn]) @@ -230,7 +230,7 @@ res.jsonp(500, { error: 'message' }); ``` By default the JSONP callback name is simply `callback`, -however you may alter this with the jsonp callback name +however you may alter this with the [jsonp callback name](../application/#settings) setting. The following are some examples of JSONP responses using the same code: diff --git a/src/content/api/4x/api/application/index.mdx b/src/content/api/4x/api/application/index.mdx index ac1189715d..7b727f8a89 100644 --- a/src/content/api/4x/api/application/index.mdx +++ b/src/content/api/4x/api/application/index.mdx @@ -31,7 +31,7 @@ for more information, see [Application Settings](#application-settings). -The Express application object can be referred from the [request object](/en/4x/api/request) and the [response object](/en/4x/api/response) as `req.app`, and `res.app`, respectively. +The Express application object can be referred from the [request object](../request/) and the [response object](../response/) as `req.app`, and `res.app`, respectively. @@ -40,7 +40,7 @@ The Express application object can be referred from the [request object](/en/4x/ ### app.locals The `app.locals` object has properties that are local variables within the application, -and will be available in templates rendered with [res.render](#res.render). +and will be available in templates rendered with [res.render](../response/#resrenderview--locals--callback). @@ -60,12 +60,12 @@ console.dir(app.locals.email); ``` Once set, the value of `app.locals` properties persist throughout the life of the application, -in contrast with [res.locals](#res.locals) properties that +in contrast with [res.locals](../response/#reslocals) properties that are valid only for the lifetime of the request. You can access local variables in templates rendered within the application. This is useful for providing helper functions to templates, as well as application-level data. -Local variables are available in middleware via `req.app.locals` (see [req.app](#req.app)) +Local variables are available in middleware via `req.app.locals` (see [req.app](../request/#reqapp)) ```js app.locals.title = 'My App'; @@ -97,7 +97,7 @@ admin.get('/', function (req, res) { app.use('/admin', admin); // mount the sub app ``` -It is similar to the [baseUrl](#req.baseUrl) property of the `req` object, except `req.baseUrl` +It is similar to the [baseUrl](../request/#reqbaseurl) property of the `req` object, except `req.baseUrl` returns the matched URL path, instead of the matched patterns. If a sub-app is mounted on multiple path patterns, `app.mountpath` returns the list of @@ -166,7 +166,7 @@ except it matches all HTTP verbs. | Argument | Description | Default | | ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | | `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](#router) and [app](#application) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Examples @@ -209,14 +209,14 @@ app.all('/api/*', requireAuthentication); ### app.delete(path, callback [, callback ...]) Routes HTTP DELETE requests to the specified path with the specified callback functions. -For more information, see the [routing guide](/en/guide/routing). +For more information, see the [routing guide](../../guide/routing/). #### Arguments | Argument | Description | Default | | ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | | `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](#router) and [app](#application) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Example @@ -338,9 +338,9 @@ Routes HTTP GET requests to the specified path with the specified callback funct | Argument | Description | Default | | ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | | `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](#router) and [app](#application) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | -For more information, see the [routing guide](/en/guide/routing). +For more information, see the [routing guide](../../guide/routing/). #### Example @@ -417,7 +417,7 @@ PUT, POST, and so on, in lowercase. Thus, the actual methods are `app.get()`, | Argument | Description | Default | | ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | | `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](#router) and [app](#application) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Routing methods @@ -518,11 +518,11 @@ The method, `app.all()`, is not derived from any HTTP method and loads middlewar the specified path for _all_ HTTP request methods. For more information, see [app.all](#appallpath-callback--callback-). -For more information on routing, see the [routing guide](/en/guide/routing). +For more information on routing, see the [routing guide](../../guide/routing/). ### app.param([name], callback) -Add callback triggers to [route parameters](/en/guide/routing#route-parameters), where `name` is the name of the parameter or an array of them, and `callback` is the callback function. The parameters of the callback function are the request object, the response object, the next middleware, the value of the parameter and the name of the parameter, in that order. +Add callback triggers to [route parameters](../../guide/routing/#route-parameters), where `name` is the name of the parameter or an array of them, and `callback` is the callback function. The parameters of the callback function are the request object, the response object, the next middleware, the value of the parameter and the name of the parameter, in that order. If `name` is an array, the `callback` trigger is registered for each parameter declared in it, in the order in which they are declared. Furthermore, for each declared parameter except the last one, a call to `next` inside the callback will call the callback for the next declared parameter. For the last parameter, a call to `next` will call the next middleware in place for the route currently being processed, just like it would if `name` were just a string. @@ -701,19 +701,19 @@ console.dir(blogAdmin.path()); // '/blog/admin' ``` The behavior of this method can become very complicated in complex cases of mounted apps: -it is usually better to use [req.baseUrl](#req.baseUrl) to get the canonical path of the app. +it is usually better to use [req.baseUrl](../request/#reqbaseurl) to get the canonical path of the app. ### app.post(path, callback [, callback ...]) Routes HTTP POST requests to the specified path with the specified callback functions. -For more information, see the [routing guide](/en/guide/routing). +For more information, see the [routing guide](../../guide/routing). #### Arguments | Argument | Description | Default | | ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | | `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](#router) and [app](#application) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Example @@ -732,7 +732,7 @@ Routes HTTP PUT requests to the specified path with the specified callback funct | Argument | Description | Default | | ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | | `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](#router) and [app](#application) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Example @@ -745,7 +745,7 @@ app.put('/', function (req, res) { ### app.render(view, [locals], callback) Returns the rendered HTML of a view via the `callback` function. It accepts an optional parameter -that is an object containing local variables for the view. It is like [res.render()](#res.render), +that is an object containing local variables for the view. It is like [res.render()](../response/#resrenderview--locals--callback), except it cannot send the rendered view to the client on its own. @@ -859,7 +859,7 @@ Sub-apps will not inherit the value of `view cache` in production (when `NODE_EN #### Options for `trust proxy` setting -Read [Express behind proxies](/en/guide/behind-proxies) for more information. +Read [Express behind proxies](../../guide/behind-proxies) for more information. **Boolean**: If `true`, the client's IP address is understood as the left-most entry in the `X-Forwarded-*` header. If `false`, the app is understood as directly facing the Internet and the client's IP address is derived from `req.connection.remoteAddress`. This is the default setting. @@ -929,7 +929,7 @@ app.set('etag', function (body, encoding) { ### app.use([path,] callback [, callback...]) -Mounts the specified [middleware](/en/guide/using-middleware) function or functions +Mounts the specified [middleware](../../guide/using-middleware) function or functions at the specified path: the middleware function is executed when the base of the requested path matches `path`. @@ -938,7 +938,7 @@ the middleware function is executed when the base of the requested path matches | Argument | Description | Default | | ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | | `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](#router) and [app](#application) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Description @@ -984,7 +984,7 @@ app.get('/', function (req, res) { **Error-handling middleware** -Error-handling middleware always takes _four_ arguments. You must provide four arguments to identify it as an error-handling middleware function. Even if you don't need to use the `next` object, you must specify it to maintain the signature. Otherwise, the `next` object will be interpreted as regular middleware and will fail to handle errors. For details about error-handling middleware, see: [Error handling](/en/guide/error-handling). +Error-handling middleware always takes _four_ arguments. You must provide four arguments to identify it as an error-handling middleware function. Even if you don't need to use the `next` object, you must specify it to maintain the signature. Otherwise, the `next` object will be interpreted as regular middleware and will fail to handle errors. For details about error-handling middleware, see: [Error handling](../../guide/error-handling). Define error-handling middleware functions in the same way as other middleware functions, except with four arguments instead of three, specifically with the signature `(err, req, res, next)`): @@ -1149,7 +1149,7 @@ subApp.get('/', function (req, res, next) { app.use(mw1, [mw2, r1, r2], subApp); ``` -Following are some examples of using the [express.static](/en/guide/using-middleware#middleware.built-in) +Following are some examples of using the [express.static](../../guide/using-middleware/#built-in-middleware) middleware in an Express app. Serve static content for the app from the "public" directory in the application directory: diff --git a/src/content/api/4x/api/express/index.mdx b/src/content/api/4x/api/express/index.mdx index 51064c62a7..df904a0a5b 100644 --- a/src/content/api/4x/api/express/index.mdx +++ b/src/content/api/4x/api/express/index.mdx @@ -20,7 +20,7 @@ var app = express(); This is a built-in middleware function in Express. It parses incoming requests with JSON payloads and is based on -[body-parser](/en/resources/middleware/body-parser). +[body-parser](../../../resources/middleware/body-parser). Returns middleware that only parses JSON and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts any @@ -62,7 +62,7 @@ The following table describes the properties of the optional `options` object. This is a built-in middleware function in Express. It parses incoming request payloads into a `Buffer` and is based on -[body-parser](/en/resources/middleware/body-parser). +[body-parser](../../../resources/middleware/body-parser). Returns middleware that parses all bodies as a `Buffer` and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts @@ -98,7 +98,7 @@ The following table describes the properties of the optional `options` object. ### express.Router([options]) -Creates a new [router](#router) object. +Creates a new [router](../router/) object. ```js var router = express.Router([options]); @@ -119,17 +119,17 @@ The optional `options` parameter specifies the behavior of the router. You can add middleware and HTTP method routes (such as `get`, `put`, `post`, and so on) to `router` just like an application. -For more information, see [Router](#router). +For more information, see [Router](../router/). ### express.static(root, [options]) This is a built-in middleware function in Express. -It serves static files and is based on [serve-static](/en/resources/middleware/serve-static). +It serves static files and is based on [serve-static](../../../resources/middleware/serve-static). For best results, [use a reverse -proxy](/en/advanced/best-practice-performance#use-a-reverse-proxy) cache to improve performance of +proxy](../../../advanced/best-practice-performance#use-a-reverse-proxy) cache to improve performance of serving static assets. @@ -161,8 +161,8 @@ See also the [example below](#example-of-expressstatic). -For more information, see [Serving static files in Express](/en/starter/static-files). -and [Using middleware - Built-in middleware](/en/guide/using-middleware#middleware.built-in). +For more information, see [Serving static files in Express](../../starter/static-files). +and [Using middleware - Built-in middleware](../../guide/using-middleware/#built-in-middleware). #### dotfiles @@ -198,7 +198,7 @@ fn(res, path, stat); Arguments: -- `res`, the [response object](#res). +- `res`, the [response object](../response/). - `path`, the file path that is being sent. - `stat`, the `stat` object of the file that is being sent. @@ -228,7 +228,7 @@ app.use(express.static('public', options)); This is a built-in middleware function in Express. It parses incoming request payloads into a string and is based on -[body-parser](/en/resources/middleware/body-parser). +[body-parser](../../../resources/middleware/body-parser). Returns middleware that parses all bodies as a string and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts @@ -268,7 +268,7 @@ The following table describes the properties of the optional `options` object. This middleware is available in Express v4.16.0 onwards. This is a built-in middleware function in Express. It parses incoming requests -with urlencoded payloads and is based on [body-parser](/en/resources/middleware/body-parser). +with urlencoded payloads and is based on [body-parser](../../../resources/middleware/body-parser). Returns middleware that only parses urlencoded bodies and only looks at requests where the `Content-Type` header matches the `type` option. This diff --git a/src/content/api/4x/api/request/index.mdx b/src/content/api/4x/api/request/index.mdx index 14d389386d..30b402fb14 100644 --- a/src/content/api/4x/api/request/index.mdx +++ b/src/content/api/4x/api/request/index.mdx @@ -67,7 +67,7 @@ module.exports = function (req, res) { The URL path on which a router instance was mounted. -The `req.baseUrl` property is similar to the [mountpath](#app.mountpath) property of the `app` object, +The `req.baseUrl` property is similar to the [mountpath](../application/#appmountpath) property of the `app` object, except `app.mountpath` returns the matched path pattern(s). For example: @@ -98,7 +98,7 @@ made to `/hello/jp`, `req.baseUrl` is "/hello". Contains key-value pairs of data submitted in the request body. By default, it is `undefined`, and is populated when you use body-parsing middleware such -as [`express.json()`](#express.json) or [`express.urlencoded()`](#express.urlencoded). +as [`express.json()`](../express/#expressjsonoptions) or [`express.urlencoded()`](../express/#expressurlencodedoptions). @@ -158,7 +158,7 @@ console.dir(req.fresh); Contains the hostname derived from the `Host` HTTP header. -When the [`trust proxy` setting](/en/4x/api#trust.proxy.options.table) +When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property will instead get the value from the `X-Forwarded-Host` header field. This header can be set by the client or by the proxy. @@ -184,7 +184,7 @@ console.dir(req.hostname); Contains the remote IP address of the request. -When the [`trust proxy` setting](/en/4x/api#trust.proxy.options.table) does not evaluate to `false`, +When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, the value of this property is derived from the left-most entry in the `X-Forwarded-For` header. This header can be set by the client or by the proxy. @@ -195,7 +195,7 @@ console.dir(req.ip); ### req.ips -When the [`trust proxy` setting](/en/4x/api#trust.proxy.options.table) does not evaluate to `false`, +When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property contains an array of IP addresses specified in the `X-Forwarded-For` request header. Otherwise, it contains an empty array. This header can be set by the client or by the proxy. @@ -219,7 +219,7 @@ module](https://nodejs.org/api/http.html#http_message_url). This property is much like `req.url`; however, it retains the original request URL, allowing you to rewrite `req.url` freely for internal routing purposes. For example, -the "mounting" feature of [app.use()](#app.use) will rewrite `req.url` to strip the mount point. +the "mounting" feature of [app.use()](../application/#appusepath-callback--callback) will rewrite `req.url` to strip the mount point. ```js // GET /search?q=something @@ -242,7 +242,7 @@ app.use('/admin', function (req, res, next) { ### req.params -This property is an object containing properties mapped to the [named route "parameters"](/en/guide/routing#route-parameters). For example, if you have the route `/user/:name`, then the "name" property is available as `req.params.name`. This object defaults to `{}`. +This property is an object containing properties mapped to the [named route "parameters"](../../guide/routing/#route-parameters). For example, if you have the route `/user/:name`, then the "name" property is available as `req.params.name`. This object defaults to `{}`. ```js // GET /user/tj @@ -260,7 +260,7 @@ console.dir(req.params[0]); Named capturing groups in regular expressions behave like named route parameters. For example the group from `/^\/file\/(?.*)$/` expression is available as `req.params.path`. -If you need to make changes to a key in `req.params`, use the [app.param](/en/4x/api#app.param) handler. Changes are applicable only to [parameters](/en/guide/routing#route-parameters) already defined in the route path. +If you need to make changes to a key in `req.params`, use the [app.param](../application/#appparamname-callback) handler. Changes are applicable only to [parameters](../../guide/routing/#route-parameters) already defined in the route path. Any changes made to the `req.params` object in a middleware or route handler will be reset. @@ -283,7 +283,7 @@ console.dir(req.path); When called from a middleware, the mount point is not included in `req.path`. See -[app.use()](/en/4x/api#app.use) for more details. +[app.use()](../application/#appusepath-callback--callback) for more details. @@ -291,7 +291,7 @@ When called from a middleware, the mount point is not included in `req.path`. Se Contains the request protocol string: either `http` or (for TLS requests) `https`. -When the [`trust proxy` setting](#trust.proxy.options.table) does not evaluate to `false`, +When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property will use the value of the `X-Forwarded-Proto` header field if present. This header can be set by the client or by the proxy. @@ -303,7 +303,7 @@ console.dir(req.protocol); ### req.query This property is an object containing a property for each query string parameter in the route. -When [query parser](/en/api/application/app-set#app.settings.table) is set to disabled, it is an empty object `{}`, otherwise it is the result of the configured query parser. +When [query parser](../application/#application-settings) is set to disabled, it is an empty object `{}`, otherwise it is the result of the configured query parser. @@ -314,7 +314,7 @@ may not be a function and instead a string or other user-input. -The value of this property can be configured with the [query parser application setting](/en/api/application/app-set#app.settings.table) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.org/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: +The value of this property can be configured with the [query parser application setting](../application/#application-settings) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.org/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: ```js var qs = require('qs'); @@ -325,11 +325,11 @@ app.set('query parser', function (str) { }); ``` -Check out the [query parser application setting](/en/api/application/app-set#app.settings.table) documentation for other customization options. +Check out the [query parser application setting](../application/#application-settings) documentation for other customization options. ### req.res -This property holds a reference to the response object +This property holds a reference to the [response object](../response) that relates to this request object. ### req.route @@ -407,7 +407,7 @@ console.dir(req.subdomains); The application property `subdomain offset`, which defaults to 2, is used for determining the beginning of the subdomain segments. To change this behavior, change its value -using [app.set](/en/4x/api#app.set). +using [app.set](../application/#appsetname-value). ### req.xhr diff --git a/src/content/api/4x/api/response/index.mdx b/src/content/api/4x/api/response/index.mdx index fa9559dab4..89981a0722 100644 --- a/src/content/api/4x/api/response/index.mdx +++ b/src/content/api/4x/api/response/index.mdx @@ -36,7 +36,7 @@ and supports all [built-in fields and methods](https://nodejs.org/api/http.html# This property holds a reference to the instance of the Express application that is using the middleware. -`res.app` is identical to the [req.app](#req.app) property in the request object. +`res.app` is identical to the [req.app](../request/#reqapp) property in the request object. ### res.headersSent @@ -52,7 +52,7 @@ app.get('/', function (req, res) { ### res.locals -Use this property to set variables accessible in templates rendered with [res.render](#resrenderview-locals-callback). +Use this property to set variables accessible in templates rendered with [res.render](#resrenderview--locals--callback). The variables set on `res.locals` are available within a single request-response cycle, and will not be shared between requests. @@ -66,7 +66,7 @@ for the used view engine for additional considerations. In order to keep local variables for use in template rendering between requests, use -[app.locals](#app.locals) instead. +[app.locals](../application/#applocals) instead. This property is useful for exposing request-level information such as the request path name, authenticated user, user settings, and so on to templates rendered within the application. @@ -82,7 +82,7 @@ app.use(function (req, res, next) { ### res.req -This property holds a reference to the request object +This property holds a reference to the [request object](../request/) that relates to this response object. ## Methods @@ -238,7 +238,7 @@ Then `res.cookie()` will use the secret passed to `cookieParser(secret)` to sign res.cookie('name', 'tobi', { signed: true }); ``` -Later you may access this value through the [req.signedCookie](#req.signedCookies) object. +Later you may access this value through the [req.signedCookie](../request/#reqsignedcookies) object. ### res.download(path [, filename] [, options] [, fn]) @@ -310,7 +310,7 @@ res.status(404).end(); ### res.format(object) Performs content-negotiation on the `Accept` HTTP header on the request object, when present. -It uses [req.accepts()](#req.accepts) to select a handler for the request, based on the acceptable +It uses [req.accepts()](../request/#reqacceptstypes) to select a handler for the request, based on the acceptable types ordered by their quality values. If the header is not specified, the first callback is invoked. When no match is found, the server responds with 406 "Not Acceptable", or invokes the `default` callback. @@ -402,7 +402,7 @@ res.status(500).jsonp({ error: 'message' }); By default, the JSONP callback name is simply `callback`. Override this with the -jsonp callback name setting. +[jsonp callback name](../application/#application-settings) setting. The following are some examples of JSONP responses using the same code: @@ -458,7 +458,7 @@ res.location('back'); A `path` value of "back" has a special meaning, it refers to the URL specified in the `Referer` header of the request. If the `Referer` header was not specified, it refers to "/". See also [Security best practices: Prevent open redirect -vulnerabilities](http://expressjs.com/en/advanced/best-practice-security#prevent-open-redirects). +vulnerabilities](../../../advanced/best-practice-security/#prevent-open-redirects). After encoding the URL, if not encoded already, Express passes the specified URL to the browser in the `Location` header, @@ -532,7 +532,7 @@ res.redirect('back'); See also [Security best practices: Prevent open redirect -vulnerabilities](http://expressjs.com/en/advanced/best-practice-security#prevent-open-redirects). +vulnerabilities](../../../advanced/best-practice-security/#prevent-open-redirects). ### res.render(view [, locals] [, callback]) @@ -544,7 +544,7 @@ Optional parameters: The `view` argument is a string that is the file path of the view file to render. This can be an absolute path, or a path relative to the `views` setting. If the path does not contain a file extension, then the `view engine` setting determines the file extension. If the path does contain a file extension, then Express will load the module for the specified template engine (via `require()`) and render it using the loaded module's `__express` function. -For more information, see [Using template engines with Express](/en/guide/using-template-engines). +For more information, see [Using template engines with Express](../../guide/using-template-engines). diff --git a/src/content/api/4x/api/router/index.mdx b/src/content/api/4x/api/router/index.mdx index 2517e3fac3..c6a9d0c375 100644 --- a/src/content/api/4x/api/router/index.mdx +++ b/src/content/api/4x/api/router/index.mdx @@ -10,9 +10,9 @@ as a "mini-application," capable only of performing middleware and routing functions. Every Express application has a built-in app router. A router behaves like middleware itself, so you can use it as an argument to -[app.use()](/en/4x/api/application#appusepath-callback--callback) or as the argument to another router's [use()](#routerusepath-function--function) method. +[app.use()](../application#appusepath-callback--callback) or as the argument to another router's [use()](#routerusepath-function--function) method. -The top-level `express` object has a [Router()](/en/4x/api/express#expressrouteroptions) method that creates a new `router` object. +The top-level `express` object has a [Router()](../express#expressrouteroptions) method that creates a new `router` object. Once you've created a router object, you can add middleware and HTTP method routes (such as `get`, `put`, `post`, and so on) to it just like an application. For example: @@ -306,8 +306,8 @@ belong to the route to which they were added. Uses the specified middleware function or functions, with optional mount path `path`, that defaults to "/". -This method is similar to [app.use()](/en/4x/api/application#appusepath-callback--callback). A simple example and use case is described below. -See [app.use()](/en/4x/api/application#appusepath-callback--callback) for more information. +This method is similar to [app.use()](../application#appusepath-callback--callback). A simple example and use case is described below. +See [app.use()](../application#appusepath-callback--callback) for more information. Middleware is like a plumbing pipe: requests start at the first middleware function defined and work their way "down" the middleware stack processing for each path they match. diff --git a/src/content/api/5x/api/application/index.mdx b/src/content/api/5x/api/application/index.mdx index a5c9550b11..2e8215cfb7 100644 --- a/src/content/api/5x/api/application/index.mdx +++ b/src/content/api/5x/api/application/index.mdx @@ -21,17 +21,18 @@ app.listen(3000); The `app` object has methods for -- Routing HTTP requests; see for example, [app.METHOD](#appmethod) and [app.param](#appparam). -- Configuring middleware; see [app.route](#approute). -- Rendering HTML views; see [app.render](#apprender). -- Registering a template engine; see [app.engine](#appengine). +- Routing HTTP requests; see for example, [app.METHOD](#appmethodpath-callback--callback-) and [app.param](#appparamname-callback). +- Configuring middleware; see [app.route](#approutepath). +- Rendering HTML views; see [app.render](#apprenderview-locals-callback). +- Registering a template engine; see [app.engine](#appengineext-callback). It also has settings (properties) that affect how the application behaves; for more information, see [Application settings](#application-settings). - The Express application object can be referred from the [request object](#req) and the [response - object](#res) as `req.app`, and `res.app`, respectively. + +The Express application object can be referred from the [request object](../request/) and the [response object](../response/) as `req.app`, and `res.app`, respectively. + ## Properties @@ -39,7 +40,7 @@ for more information, see [Application settings](#application-settings). ### app.locals The `app.locals` object has properties that are local variables within the application, -and will be available in templates rendered with [res.render](#res.render). +and will be available in templates rendered with [res.render](../response/#resrenderview--locals--callback). @@ -59,12 +60,12 @@ console.dir(app.locals.email); ``` Once set, the value of `app.locals` properties persist throughout the life of the application, -in contrast with [res.locals](#res.locals) properties that +in contrast with [res.locals](../response/#reslocals) properties that are valid only for the lifetime of the request. You can access local variables in templates rendered within the application. This is useful for providing helper functions to templates, as well as application-level data. -Local variables are available in middleware via `req.app.locals` (see [req.app](#req.app)) +Local variables are available in middleware via `req.app.locals` (see [req.app](../request/#reqapp)) ```js app.locals.title = 'My App'; @@ -96,7 +97,7 @@ admin.get('/', (req, res) => { app.use('/admin', admin); // mount the sub app ``` -It is similar to the [baseUrl](#req.baseUrl) property of the `req` object, except `req.baseUrl` +It is similar to the [baseUrl](../request/#reqbaseurl) property of the `req` object, except `req.baseUrl` returns the matched URL path, instead of the matched patterns. If a sub-app is mounted on multiple path patterns, `app.mountpath` returns the list of @@ -138,7 +139,7 @@ app.listen(3000); You can add middleware and HTTP method routes to the `router` just like an application. -For more information, see [Router](#router). +For more information, see [Router](../router/). ## Events @@ -154,7 +155,7 @@ Sub-apps will: - Not inherit the value of settings that have a default value. You must set the value in the sub-app. - Inherit the value of settings with no default value. -For details, see [Application settings](/en/api/application/app-set#app.settings.table). +For details, see [Application settings](#application-settings). @@ -177,7 +178,7 @@ app.use('/admin', admin); ### app.all(path, callback [, callback ...]) -This method is like the standard [app.METHOD()](#appmethod) methods, +This method is like the standard [app.METHOD()](#appmethodpath-callback--callback-) methods, except it matches all HTTP verbs. #### Arguments @@ -185,7 +186,7 @@ except it matches all HTTP verbs. | Argument | Description | Default | | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | | `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](#router) and [app](#application) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Examples @@ -228,14 +229,14 @@ app.all('/api/{*splat}', requireAuthentication); ### app.delete(path, callback [, callback ...]) Routes HTTP DELETE requests to the specified path with the specified callback functions. -For more information, see the [routing guide](/en/guide/routing). +For more information, see the [routing guide](../../guide/routing/). #### Arguments | Argument | Description | Default | | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | | `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](#router) and [app](#application) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Example @@ -247,7 +248,7 @@ app.delete('/', (req, res) => { ### app.disable(name) -Sets the Boolean setting `name` to `false`, where `name` is one of the properties from the [app settings table](/en/api/application/app-set#app.settings.table). +Sets the Boolean setting `name` to `false`, where `name` is one of the properties from the [app settings table](#application-settings). Calling `app.set('foo', false)` for a Boolean property is the same as calling `app.disable('foo')`. For example: @@ -261,7 +262,7 @@ app.get('trust proxy'); ### app.disabled(name) Returns `true` if the Boolean setting `name` is disabled (`false`), where `name` is one of the properties from -the [app settings table](/en/api/application/app-set#app.settings.table). +the [app settings table](#application-settings). ```js app.disabled('trust proxy'); @@ -274,7 +275,7 @@ app.disabled('trust proxy'); ### app.enable(name) -Sets the Boolean setting `name` to `true`, where `name` is one of the properties from the [app settings table](/en/api/application/app-set#app.settings.table). +Sets the Boolean setting `name` to `true`, where `name` is one of the properties from the [app settings table](#application-settings). Calling `app.set('foo', true)` for a Boolean property is the same as calling `app.enable('foo')`. ```js @@ -286,7 +287,7 @@ app.get('trust proxy'); ### app.enabled(name) Returns `true` if the setting `name` is enabled (`true`), where `name` is one of the -properties from the [app settings table](/en/api/application/app-set#app.settings.table). +properties from the [app settings table](#application-settings). ```js app.enabled('trust proxy'); @@ -337,7 +338,7 @@ app.engine('html', engines.hogan); ### app.get(name) Returns the value of `name` app setting, where `name` is one of the strings in the -[app settings table](/en/api/application/app-set#app.settings.table). For example: +[app settings table](#application-settings). For example: ```js app.get('title'); @@ -357,9 +358,9 @@ Routes HTTP GET requests to the specified path with the specified callback funct | Argument | Description | Default | | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | | `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](#router) and [app](#application) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | -For more information, see the [routing guide](/en/guide/routing). +For more information, see the [routing guide](../../guide/routing/). #### Example @@ -438,7 +439,7 @@ PUT, POST, and so on, in lowercase. Thus, the actual methods are `app.get()`, | Argument | Description | Default | | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | | `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](#router) and [app](#application) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Routing methods @@ -537,13 +538,13 @@ The `app.get()` function is automatically called for the HTTP `HEAD` method in a The method, `app.all()`, is not derived from any HTTP method and loads middleware at the specified path for _all_ HTTP request methods. -For more information, see [app.all](#appall). +For more information, see [app.all](#appallpath-callback--callback-). -For more information on routing, see the [routing guide](/en/guide/routing). +For more information on routing, see the [routing guide](../../guide/routing/). ### app.param(name, callback) -Add callback triggers to [route parameters](/en/guide/routing#route-parameters), where `name` is the name of the parameter or an array of them, and `callback` is the callback function. The parameters of the callback function are the request object, the response object, the next middleware, the value of the parameter and the name of the parameter, in that order. +Add callback triggers to [route parameters](../../guide/routing/#route-parameters), where `name` is the name of the parameter or an array of them, and `callback` is the callback function. The parameters of the callback function are the request object, the response object, the next middleware, the value of the parameter and the name of the parameter, in that order. If `name` is an array, the `callback` trigger is registered for each parameter declared in it, in the order in which they are declared. Furthermore, for each declared parameter except the last one, a call to `next` inside the callback will call the callback for the next declared parameter. For the last parameter, a call to `next` will call the next middleware in place for the route currently being processed, just like it would if `name` were just a string. @@ -638,19 +639,19 @@ console.log(blogAdmin.path()); // '/blog/admin' ``` The behavior of this method can become very complicated in complex cases of mounted apps: -it is usually better to use [req.baseUrl](#req.baseUrl) to get the canonical path of the app. +it is usually better to use [req.baseUrl](../request/#reqbaseurl) to get the canonical path of the app. ### app.post(path, callback [, callback ...]) Routes HTTP POST requests to the specified path with the specified callback functions. -For more information, see the [routing guide](/en/guide/routing). +For more information, see the [routing guide](../../guide/routing/). #### Arguments | Argument | Description | Default | | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | | `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](#router) and [app](#application) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Example @@ -669,7 +670,7 @@ Routes HTTP PUT requests to the specified path with the specified callback funct | Argument | Description | Default | | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | | `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](#router) and [app](#application) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Example @@ -682,7 +683,7 @@ app.put('/', (req, res) => { ### app.render(view, [locals], callback) Returns the rendered HTML of a view via the `callback` function. It accepts an optional parameter -that is an object containing local variables for the view. It is like [res.render()](#res.render), +that is an object containing local variables for the view. It is like [res.render()](../response/#resrenderview--locals--callback), except it cannot send the rendered view to the client on its own. @@ -751,7 +752,7 @@ app Assigns setting `name` to `value`. You may store any value that you want, but certain names can be used to configure the behavior of the server. These -special names are listed in the [app settings table](/en/api/application/app-set#app.settings.table). +special names are listed in the [app settings table](#application-settings). Calling `app.set('foo', true)` for a Boolean property is the same as calling `app.enable('foo')`. Similarly, calling `app.set('foo', false)` for a Boolean @@ -796,7 +797,7 @@ Sub-apps will not inherit the value of `view cache` in production (when `NODE_EN #### Options for `trust proxy` setting -Read [Express behind proxies](/en/guide/behind-proxies) for more information. +Read [Express behind proxies](../../guide/behind-proxies) for more information. **Boolean**: If `true`, the client's IP address is understood as the left-most entry in the `X-Forwarded-*` header. If `false`, the app is understood as directly facing the Internet and the client's IP address is derived from `req.connection.remoteAddress`. This is the default setting. @@ -866,7 +867,7 @@ app.set('etag', (body, encoding) => { ### app.use([path,] callback [, callback...]) -Mounts the specified [middleware](/en/guide/using-middleware) function or functions +Mounts the specified [middleware](../../guide/using-middleware) function or functions at the specified path: the middleware function is executed when the base of the requested path matches `path`. @@ -875,7 +876,7 @@ the middleware function is executed when the base of the requested path matches | Argument | Description | Default | | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | | `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](#router) and [app](#application) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Description @@ -901,7 +902,7 @@ Sub-apps will: - Not inherit the value of settings that have a default value. You must set the value in the sub-app. - Inherit the value of settings with no default value. -For details, see [Application settings](/en/5x/api/application/app-settings/). +For details, see [Application settings](#application-settings). @@ -921,7 +922,7 @@ app.get('/', (req, res) => { **Error-handling middleware** -Error-handling middleware always takes _four_ arguments. You must provide four arguments to identify it as an error-handling middleware function. Even if you don't need to use the `next` object, you must specify it to maintain the signature. Otherwise, the `next` object will be interpreted as regular middleware and will fail to handle errors. For details about error-handling middleware, see: [Error handling](/en/guide/error-handling). +Error-handling middleware always takes _four_ arguments. You must provide four arguments to identify it as an error-handling middleware function. Even if you don't need to use the `next` object, you must specify it to maintain the signature. Otherwise, the `next` object will be interpreted as regular middleware and will fail to handle errors. For details about error-handling middleware, see: [Error handling](../../guide/error-handling). Define error-handling middleware functions in the same way as other middleware functions, except with four arguments instead of three, specifically with the signature `(err, req, res, next)`): @@ -1062,7 +1063,7 @@ subApp.get('/', (req, res, next) => { app.use(mw1, [mw2, r1, r2], subApp); ``` -Following are some examples of using the [express.static](/en/guide/using-middleware#middleware.built-in) +Following are some examples of using the [express.static](../../guide/using-middleware/#built-in-middleware) middleware in an Express app. Serve static content for the app from the "public" directory in the application directory: diff --git a/src/content/api/5x/api/express/index.mdx b/src/content/api/5x/api/express/index.mdx index 4c9ac1f8f2..97d542ce13 100644 --- a/src/content/api/5x/api/express/index.mdx +++ b/src/content/api/5x/api/express/index.mdx @@ -20,7 +20,7 @@ The Express object has the following methods that can be used to create middlewa This is a built-in middleware function in Express. It parses incoming requests with JSON payloads and is based on -[body-parser](/en/resources/middleware/body-parser). +[body-parser](../../../resources/middleware/body-parser). Returns middleware that only parses JSON and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts any @@ -60,7 +60,7 @@ The following table describes the properties of the optional `options` object. This is a built-in middleware function in Express. It parses incoming request payloads into a `Buffer` and is based on -[body-parser](/en/resources/middleware/body-parser). +[body-parser](../../../resources/middleware/body-parser). Returns middleware that parses all bodies as a `Buffer` and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts @@ -96,7 +96,7 @@ The following table describes the properties of the optional `options` object. ### express.Router([options]) -Creates a new [router](/en/5x/api/router/) object. +Creates a new [router](../router/) object. ```js const router = express.Router([options]); @@ -117,17 +117,17 @@ The optional `options` parameter specifies the behavior of the router. You can add middleware and HTTP method routes (such as `get`, `put`, `post`, and so on) to `router` just like an application. -For more information, see [Router](/en/5x/api/router/). +For more information, see [Router](../router/). ### express.static(root, [options]) This is a built-in middleware function in Express. -It serves static files and is based on [serve-static](/en/resources/middleware/serve-static). +It serves static files and is based on [serve-static](../../../resources/middleware/serve-static). NOTE: For best results, [use a reverse -proxy](/en/advanced/best-practice-performance#use-a-reverse-proxy) cache to improve performance of +proxy](../../../advanced/best-practice-performance#use-a-reverse-proxy) cache to improve performance of serving static assets. @@ -159,8 +159,8 @@ See also the [example below](#example-of-expressstatic). -For more information, see [Serving static files in Express](/en/starter/static-files). -and [Using middleware - Built-in middleware](/en/guide/using-middleware#middleware.built-in). +For more information, see [Serving static files in Express](../../starter/static-files). +and [Using middleware - Built-in middleware](../../guide/using-middleware/#built-in-middleware). #### dotfiles @@ -195,7 +195,7 @@ fn(res, path, stat); Arguments: -- `res`, the [response object](/en/5x/api/response/). +- `res`, the [response object](../response/). - `path`, the file path that is being sent. - `stat`, the `stat` object of the file that is being sent. @@ -223,7 +223,7 @@ app.use(express.static('public', options)); This is a built-in middleware function in Express. It parses incoming request payloads into a string and is based on -[body-parser](/en/resources/middleware/body-parser). +[body-parser](../../../resources/middleware/body-parser). Returns middleware that parses all bodies as a string and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts @@ -261,7 +261,7 @@ The following table describes the properties of the optional `options` object. ### express.urlencoded([options]) This is a built-in middleware function in Express. It parses incoming requests -with urlencoded payloads and is based on [body-parser](/en/resources/middleware/body-parser). +with urlencoded payloads and is based on [body-parser](../../../resources/middleware/body-parser). Returns middleware that only parses urlencoded bodies and only looks at requests where the `Content-Type` header matches the `type` option. This diff --git a/src/content/api/5x/api/request/index.mdx b/src/content/api/5x/api/request/index.mdx index b5e66fce1f..db471e20cd 100644 --- a/src/content/api/5x/api/request/index.mdx +++ b/src/content/api/5x/api/request/index.mdx @@ -58,7 +58,7 @@ module.exports = (req, res) => { The URL path on which a router instance was mounted. -The `req.baseUrl` property is similar to the [mountpath](#app.mountpath) property of the `app` object, +The `req.baseUrl` property is similar to the [mountpath](../application/#appmountpath) property of the `app` object, except `app.mountpath` returns the matched path pattern(s). For example: @@ -89,7 +89,7 @@ made to `/hello/jp`, `req.baseUrl` is "/hello". Contains key-value pairs of data submitted in the request body. By default, it is `undefined`, and is populated when you use body-parsing middleware such -as [`express.json()`](#express.json) or [`express.urlencoded()`](#express.urlencoded). +as [`express.json()`](../express/#expressjsonoptions) or [`express.urlencoded()`](../express/#expressurlencodedoptions). @@ -127,7 +127,7 @@ console.dir(req.cookies.name); // => "tj" ``` -If the cookie has been signed, you have to use [req.signedCookies](#req.signedCookies). +If the cookie has been signed, you have to use [req.signedCookies](#reqsignedcookies). For more information, issues, or concerns, see [cookie-parser](https://github.com/expressjs/cookie-parser). @@ -149,7 +149,7 @@ console.dir(req.fresh); Contains the host derived from the `Host` HTTP header. -When the [`trust proxy` setting](/en/api/application/app-set#app.settings.table) +When the [`trust proxy` setting](../application/#application-settings) does not evaluate to `false`, this property will instead get the value from the `X-Forwarded-Host` header field. This header can be set by the client or by the proxy. @@ -172,7 +172,7 @@ console.dir(req.host); Contains the hostname derived from the `Host` HTTP header. -When the [`trust proxy` setting](/en/5x/api#trust.proxy.options.table) +When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property will instead get the value from the `X-Forwarded-Host` header field. This header can be set by the client or by the proxy. @@ -191,7 +191,7 @@ console.dir(req.hostname); Contains the remote IP address of the request. -When the [`trust proxy` setting](/en/5x/api#trust.proxy.options.table) does not evaluate to `false`, +When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, the value of this property is derived from the left-most entry in the `X-Forwarded-For` header. This header can be set by the client or by the proxy. @@ -202,7 +202,7 @@ console.dir(req.ip); ### req.ips -When the [`trust proxy` setting](/en/5x/api#trust.proxy.options.table) does not evaluate to `false`, +When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property contains an array of IP addresses specified in the `X-Forwarded-For` request header. Otherwise, it contains an empty array. This header can be set by the client or by the proxy. @@ -226,7 +226,7 @@ module](https://nodejs.org/api/http.html#http_message_url). This property is much like `req.url`; however, it retains the original request URL, allowing you to rewrite `req.url` freely for internal routing purposes. For example, -the "mounting" feature of [app.use()](#app.use) will rewrite `req.url` to strip the mount point. +the "mounting" feature of [app.use()](../application/#appusepath-callback--callback) will rewrite `req.url` to strip the mount point. ```js // GET /search?q=something @@ -249,7 +249,7 @@ app.use('/admin', (req, res, next) => { ### req.params -This property is an object containing properties mapped to the [named route "parameters"](/en/guide/routing#route-parameters). For example, if you have the route `/user/:name`, then the "name" property is available as `req.params.name`. This object defaults to `Object.create(null)` when using string paths, but remains a standard object with a normal prototype when the path is defined with a regular expression. +This property is an object containing properties mapped to the [named route "parameters"](../../guide/routing/#route-parameters). For example, if you have the route `/user/:name`, then the "name" property is available as `req.params.name`. This object defaults to `Object.create(null)` when using string paths, but remains a standard object with a normal prototype when the path is defined with a regular expression. ```js // GET /user/tj @@ -281,7 +281,7 @@ app.use(/^\/file\/(.*)$/, (req, res) => { Named capturing groups in regular expressions behave like named route parameters. For example the group from `/^\/file\/(?.*)$/` expression is available as `req.params.path`. -If you need to make changes to a key in `req.params`, use the [app.param](/en/5x/api#app.param) handler. Changes are applicable only to [parameters](/en/guide/routing#route-parameters) already defined in the route path. +If you need to make changes to a key in `req.params`, use the [app.param](../application/#appparamname-callback) handler. Changes are applicable only to [parameters](../../guide/routing/#route-parameters) already defined in the route path. Any changes made to the `req.params` object in a middleware or route handler will be reset. @@ -304,7 +304,7 @@ console.dir(req.path); When called from a middleware, the mount point is not included in `req.path`. See -[app.use()](/en/5x/api#app.use) for more details. +[app.use()](../application/#appusepath-callback--callback) for more details. @@ -312,7 +312,7 @@ When called from a middleware, the mount point is not included in `req.path`. Se Contains the request protocol string: either `http` or (for TLS requests) `https`. -When the [`trust proxy` setting](#trust.proxy.options.table) does not evaluate to `false`, +When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property will use the value of the `X-Forwarded-Proto` header field if present. This header can be set by the client or by the proxy. @@ -324,7 +324,7 @@ console.dir(req.protocol); ### req.query This property is an object containing a property for each query string parameter in the route. -When [query parser](/en/api/application/app-set#app.settings.table) is set to disabled, it is an empty object `{}`, otherwise it is the result of the configured query parser. +When [query parser](../application/#application-settings) is set to disabled, it is an empty object `{}`, otherwise it is the result of the configured query parser. @@ -335,7 +335,7 @@ may not be a function and instead a string or other user-input. -The value of this property can be configured with the [query parser application setting](/en/api/application/app-set#app.settings.table) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.org/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: +The value of this property can be configured with the [query parser application setting](../application/#application-settings) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.org/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: ```js const qs = require('qs'); @@ -346,11 +346,11 @@ app.set('query parser', (str) => ); ``` -Check out the [query parser application setting](/en/api/application/app-set#app.settings.table) documentation for other customization options. +Check out the [query parser application setting](../application/#application-settings) documentation for other customization options. ### req.res -This property holds a reference to the response object +This property holds a reference to the [response object](../response) that relates to this request object. ### req.route @@ -416,7 +416,7 @@ For more information, issues, or concerns, see [cookie-parser](https://github.co ### req.stale Indicates whether the request is "stale," and is the opposite of `req.fresh`. -For more information, see [req.fresh](#req.fresh). +For more information, see [req.fresh](#reqfresh). ```js console.dir(req.stale); @@ -435,7 +435,7 @@ console.dir(req.subdomains); The application property `subdomain offset`, which defaults to 2, is used for determining the beginning of the subdomain segments. To change this behavior, change its value -using [app.set](/en/5x/api#app.set). +using [app.set](../application/#appsetname-value). ### req.xhr diff --git a/src/content/api/5x/api/response/index.mdx b/src/content/api/5x/api/response/index.mdx index b079c7375f..10023394e9 100644 --- a/src/content/api/5x/api/response/index.mdx +++ b/src/content/api/5x/api/response/index.mdx @@ -36,7 +36,7 @@ and supports all [built-in fields and methods](https://nodejs.org/api/http.html# This property holds a reference to the instance of the Express application that is using the middleware. -`res.app` is identical to the [req.app](/en/5x/api/request/#req.app) property in the request object. +`res.app` is identical to the [req.app](../request/#reqapp) property in the request object. ### res.headersSent @@ -66,7 +66,7 @@ for the used view engine for additional considerations. In order to keep local variables for use in template rendering between requests, use -[app.locals](/en/5x/api/application/#app.locals) instead. +[app.locals](../application/#applocals) instead. This property is useful for exposing request-level information such as the request path name, authenticated user, user settings, and so on to templates rendered within the application. @@ -82,7 +82,7 @@ app.use((req, res, next) => { ### res.req -This property holds a reference to the request object +This property holds a reference to the [request object](../request/) that relates to this response object. ## Methods @@ -230,7 +230,7 @@ Then, `res.cookie()` will use the secret passed to `cookieParser(secret)` to sig res.cookie('name', 'tobi', { signed: true }); ``` -Later, you may access this value through the [req.signedCookies](/en/5x/api/request/#req.signedCookies) object. +Later, you may access this value through the [req.signedCookies](../request/#reqsignedcookies) object. ### res.download(path [, filename] [, options] [, fn]) @@ -300,7 +300,7 @@ res.status(404).end(); ### res.format(object) Performs content-negotiation on the `Accept` HTTP header on the request object, when present. -It uses [req.accepts()](/en/5x/api/request/#req.accepts) to select a handler for the request, based on the acceptable +It uses [req.accepts()](../request/#reqacceptstypes) to select a handler for the request, based on the acceptable types ordered by their quality values. If the header is not specified, the first callback is invoked. When no match is found, the server responds with 406 "Not Acceptable", or invokes the `default` callback. @@ -392,7 +392,7 @@ res.status(500).jsonp({ error: 'message' }); By default, the JSONP callback name is simply `callback`. Override this with the -jsonp callback name setting. +[jsonp callback name](../application/#application-settings) setting. The following are some examples of JSONP responses using the same code: @@ -497,7 +497,7 @@ res.redirect('..'); ``` See also [Security best practices: Prevent open redirect -vulnerabilities](http://expressjs.com/en/advanced/best-practice-security#prevent-open-redirects). +vulnerabilities](../../../advanced/best-practice-security/#prevent-open-redirects). ### res.render(view [, locals] [, callback]) @@ -509,7 +509,7 @@ Optional parameters: The `view` argument is a string that is the file path of the view file to render. This can be an absolute path, or a path relative to the `views` setting. If the path does not contain a file extension, then the `view engine` setting determines the file extension. If the path does contain a file extension, then Express will load the module for the specified template engine (via `require()`) and render it using the loaded module's `__express` function. -For more information, see [Using template engines with Express](/en/guide/using-template-engines). +For more information, see [Using template engines with Express](../../guide/using-template-engines). diff --git a/src/content/api/5x/api/router/index.mdx b/src/content/api/5x/api/router/index.mdx index dbaa9585c3..1dfd871a07 100644 --- a/src/content/api/5x/api/router/index.mdx +++ b/src/content/api/5x/api/router/index.mdx @@ -10,9 +10,9 @@ as a "mini-application," capable only of performing middleware and routing functions. Every Express application has a built-in app router. A router behaves like middleware itself, so you can use it as an argument to -[app.use()](/en/5x/api/application#app-use) or as the argument to another router's [use()](#router-use) method. +[app.use()](../application/#appusepath-callback--callback) or as the argument to another router's [use()](#routerusepath-function--function) method. -The top-level `express` object has a [Router()](/en/5x/api/express#express-router) method that creates a new `router` object. +The top-level `express` object has a [Router()](../express/#expressrouteroptions) method that creates a new `router` object. Once you've created a router object, you can add middleware and HTTP method routes (such as `get`, `put`, `post`, and so on) to it just like an application. For example: @@ -267,8 +267,8 @@ belong to the route to which they were added. Uses the specified middleware function or functions, with optional mount path `path`, that defaults to "/". -This method is similar to [app.use()](/en/5x/api/application#app-use). A simple example and use case is described below. -See [app.use()](/en/5x/api/application#app-use) for more information. +This method is similar to [app.use()](../application/#appusepath-callback--callback). A simple example and use case is described below. +See [app.use()](../application/#appusepath-callback--callback) for more information. Middleware is like a plumbing pipe: requests start at the first middleware function defined and work their way "down" the middleware stack processing for each path they match. From a125b928fd00fba1856217c1feb362559e126ebc Mon Sep 17 00:00:00 2001 From: krzysdz Date: Thu, 21 May 2026 02:00:01 +0200 Subject: [PATCH 05/16] Update internal links and URL fragments in other docs --- .../blog/2025-03-31-v5-1-latest-release.md | 6 +-- ...ulnerability-reporting-process-overhaul.md | 2 +- .../2026-05-18-a-new-look-for-express.mdx | 2 +- .../docs/en/4x/guide/behind-proxies.mdx | 9 +++-- src/content/docs/en/4x/guide/debugging.mdx | 2 +- .../docs/en/4x/guide/error-handling.mdx | 2 +- .../en/4x/guide/overriding-express-api.md | 2 +- src/content/docs/en/4x/guide/routing.mdx | 38 +++++++++---------- .../docs/en/4x/guide/using-middleware.mdx | 24 ++++++------ .../en/4x/guide/using-template-engines.mdx | 4 +- .../docs/en/4x/guide/writing-middleware.mdx | 10 ++--- .../docs/en/4x/starter/basic-routing.mdx | 4 +- src/content/docs/en/4x/starter/faq.md | 12 +++--- .../docs/en/4x/starter/hello-world.mdx | 4 +- .../docs/en/4x/starter/static-files.mdx | 8 ++-- .../docs/en/5x/guide/behind-proxies.mdx | 9 +++-- src/content/docs/en/5x/guide/debugging.mdx | 2 +- .../docs/en/5x/guide/error-handling.mdx | 2 +- .../en/5x/guide/overriding-express-api.md | 2 +- src/content/docs/en/5x/guide/routing.mdx | 38 +++++++++---------- .../docs/en/5x/guide/using-middleware.mdx | 24 ++++++------ .../en/5x/guide/using-template-engines.mdx | 4 +- .../docs/en/5x/guide/writing-middleware.mdx | 6 +-- .../docs/en/5x/starter/basic-routing.mdx | 4 +- src/content/docs/en/5x/starter/faq.md | 12 +++--- .../docs/en/5x/starter/hello-world.mdx | 4 +- .../docs/en/5x/starter/static-files.mdx | 8 ++-- .../en/advanced/best-practice-security.mdx | 32 ++++++++-------- .../pages/en/advanced/security-updates.mdx | 2 +- src/content/pages/en/guide/migrating-4.mdx | 31 ++++----------- src/content/pages/en/guide/migrating-5.mdx | 4 +- src/content/pages/en/resources/community.mdx | 4 +- .../pages/en/resources/contributing.mdx | 2 +- src/content/pages/en/resources/glossary.mdx | 4 +- src/content/pages/en/resources/index.mdx | 10 ++--- src/content/pages/en/support.md | 16 ++++---- 36 files changed, 166 insertions(+), 183 deletions(-) diff --git a/src/content/blog/2025-03-31-v5-1-latest-release.md b/src/content/blog/2025-03-31-v5-1-latest-release.md index 149dcf439e..149698163f 100644 --- a/src/content/blog/2025-03-31-v5-1-latest-release.md +++ b/src/content/blog/2025-03-31-v5-1-latest-release.md @@ -28,7 +28,7 @@ We know that migrating between versions can be challenging, especially when it i Thanks to the incredible efforts of [Sebastian](https://github.com/bjohansebas) and [Filip](https://github.com/kjugi), we have developed a new [codemod package](https://www.npmjs.com/package/@expressjs/codemod) specifically designed to facilitate the transition from Express v4 to v5, as well as future major versions. This package automates many of the necessary code changes, minimizing manual effort and making the upgrade as smooth and efficient as possible. -However, we understand that not all changes can be automated. Some breaking changes, such as the [new Path Route Matching syntax](/en/guide/migrating-5#path-syntax), require manual modifications by developers. You can read more about all of the breaking changes which came with v5 in our [original release announcement](/en/blog/2024-10-15-v5-release). +However, we understand that not all changes can be automated. Some breaking changes, such as the [new Path Route Matching syntax](/en/guide/migrating-5#path-route-matching-syntax), require manual modifications by developers. You can read more about all of the breaking changes which came with v5 in our [original release announcement](/en/blog/2024-10-15-v5-release). For more details on the migration process and how to use the codemod package, check the [repository’s README](https://github.com/expressjs/codemod#readme) and the [migration guide](/en/guide/migrating-5). @@ -115,9 +115,9 @@ starts the clock on EOL for v4 by moving it to `MAINTENANCE`. We recognize that only major version for most of the history of Node.js itself. Because of this, we want to remain flexible and also provide a bit longer support. We want to do what is best for the ecosystem, so consider these goals not commitments. -\*: v4 is a special case, and we may extend MAINTENENCE support +\*: v4 is a special case, and we may extend MAINTENENCE support \*\*: v5 MAINTENENCE and EOL dates are determined by when v6 is released, these dates reflect the earliest dates if we -were to ship v6 on 2025-10-01 +were to ship v6 on 2025-10-01 \*\*\* : v6 work has not officially started yet, this is simply the earliest date we can ship based on our proposed policy --- diff --git a/src/content/blog/2025-06-05-vulnerability-reporting-process-overhaul.md b/src/content/blog/2025-06-05-vulnerability-reporting-process-overhaul.md index f227665d72..fb6ed9f6f4 100644 --- a/src/content/blog/2025-06-05-vulnerability-reporting-process-overhaul.md +++ b/src/content/blog/2025-06-05-vulnerability-reporting-process-overhaul.md @@ -38,7 +38,7 @@ Security Advisories are now enabled across all Express.js repositories, allowing Expectations around ownership and response timelines have been clarified and published to reduce ambiguity and improve responsiveness. -> A [Security triage team member](https://github.com/expressjs/security-wg#security-triage-team) or [the repo captain](https://github.com/expressjs/discussions/blob/master/docs/contributing/captains_and_committers.md) will acknowledge your report as soon as possible. +> A [Security triage team member](https://github.com/expressjs/security-wg#security-triage-team-expressjssecurity-triage) or [the repo captain](https://github.com/expressjs/discussions/blob/master/docs/contributing/captains_and_committers.md) will acknowledge your report as soon as possible. > > After the initial reply to your report, the security team will > endeavor to keep you informed of the progress towards a fix and full diff --git a/src/content/blog/2026-05-18-a-new-look-for-express.mdx b/src/content/blog/2026-05-18-a-new-look-for-express.mdx index e0814c428c..0e61055da7 100644 --- a/src/content/blog/2026-05-18-a-new-look-for-express.mdx +++ b/src/content/blog/2026-05-18-a-new-look-for-express.mdx @@ -77,7 +77,7 @@ The effort was led by [Sebastian Beltran](https://github.com/bjohansebas), with A huge thank you goes to the [Orama](https://orama.com) team for sponsoring [Francesca Giannino](https://github.com/g-francesca), [Angela Angelini](https://www.linkedin.com/in/angeliningl/), [Michele Riva](https://github.com/micheleriva), and [Davide Spaziani](https://www.linkedin.com/in/davidespazianitesta/), and for the design, feedback, and support they brought to every stage of the project. -From the Express side, the redesign was shaped by many hands: [Ulises Gascón](https://github.com/ulisesgascon), [Rand McKinney](https://github.com/crandmck), [Jon Church](https://github.com/jonchurch), [Shubham Oulkar](https://github.com/ShubhamOulkar), the rest of the [Express Technical Committee](https://github.com/expressjs/express#technical-committee), and everyone who contributed reviews, issues, or comments along the way. The full history, including every PR that made it into the redesign, lives in [the main pull request](https://github.com/expressjs/expressjs.com/pull/2169). +From the Express side, the redesign was shaped by many hands: [Ulises Gascón](https://github.com/ulisesgascon), [Rand McKinney](https://github.com/crandmck), [Jon Church](https://github.com/jonchurch), [Shubham Oulkar](https://github.com/ShubhamOulkar), the rest of the [Express Technical Committee](https://github.com/expressjs/express#tc-technical-committee), and everyone who contributed reviews, issues, or comments along the way. The full history, including every PR that made it into the redesign, lives in [the main pull request](https://github.com/expressjs/expressjs.com/pull/2169). More than a year of work went into this launch. In open source, progress is rarely fast: decisions take discussion, design takes iteration, and reviews take time. But step by step, a community can build something it's proud of, and this is one of those steps. diff --git a/src/content/docs/en/4x/guide/behind-proxies.mdx b/src/content/docs/en/4x/guide/behind-proxies.mdx index d96970dd67..414424983a 100644 --- a/src/content/docs/en/4x/guide/behind-proxies.mdx +++ b/src/content/docs/en/4x/guide/behind-proxies.mdx @@ -86,16 +86,17 @@ Enabling `trust proxy` will have the following impact:
  • - The value of [req.hostname](/en/api#req.hostname) is derived from the value set in the + The value of [req.hostname](../../api/request/#reqhostname) is derived from the value set in the `X-Forwarded-Host` header, which can be set by the client or by the proxy.
  • `X-Forwarded-Proto` can be set by the reverse proxy to tell the app whether it is `https` or - `http` or even an invalid name. This value is reflected by [req.protocol](/en/api#req.protocol). + `http` or even an invalid name. This value is reflected by + [req.protocol](../../api/request/#reqprotocol).
  • - The [req.ip](/en/api#req.ip) and [req.ips](/en/api#req.ips) values are populated based on the - socket address and `X-Forwarded-For` header, starting at the first untrusted address. + The [req.ip](/en/api#req.ip) and [req.ips](../../api/request/#reqips) values are populated based + on the socket address and `X-Forwarded-For` header, starting at the first untrusted address.
diff --git a/src/content/docs/en/4x/guide/debugging.mdx b/src/content/docs/en/4x/guide/debugging.mdx index a7750f5427..801bb392b9 100644 --- a/src/content/docs/en/4x/guide/debugging.mdx +++ b/src/content/docs/en/4x/guide/debugging.mdx @@ -18,7 +18,7 @@ On Windows, use the corresponding command. > $env:DEBUG = "express:*"; node index.js ``` -Running this command on the default app generated by the [express generator](/en/starter/generator) prints the following output: +Running this command on the default app generated by the [express generator](../../starter/generator) prints the following output: ```bash $ DEBUG=express:* node ./bin/www diff --git a/src/content/docs/en/4x/guide/error-handling.mdx b/src/content/docs/en/4x/guide/error-handling.mdx index e34218f841..5dde6bd69a 100644 --- a/src/content/docs/en/4x/guide/error-handling.mdx +++ b/src/content/docs/en/4x/guide/error-handling.mdx @@ -190,7 +190,7 @@ function errorHandler(err, req, res, next) { Note that the default error handler can get triggered if you call `next()` with an error in your code more than once, even if custom error handling middleware is in place. -Other error handling middleware can be found at [Express middleware](/en/resources/middleware). +Other error handling middleware can be found at [Express middleware](../../../resources/middleware). ## Writing error handlers diff --git a/src/content/docs/en/4x/guide/overriding-express-api.md b/src/content/docs/en/4x/guide/overriding-express-api.md index f5281a58f5..349d20011c 100644 --- a/src/content/docs/en/4x/guide/overriding-express-api.md +++ b/src/content/docs/en/4x/guide/overriding-express-api.md @@ -14,7 +14,7 @@ Altering the global prototypes will affect all loaded Express apps in the same p You can override the signature and behavior of existing methods with your own, by assigning a custom function. -Following is an example of overriding the behavior of [res.sendStatus](/en/4x/api#res.sendStatus). +Following is an example of overriding the behavior of [res.sendStatus](../../api/response/#ressendstatusstatuscode). ```js app.response.sendStatus = function (statusCode, type, message) { diff --git a/src/content/docs/en/4x/guide/routing.mdx b/src/content/docs/en/4x/guide/routing.mdx index 69f611b68b..68ddf115e9 100644 --- a/src/content/docs/en/4x/guide/routing.mdx +++ b/src/content/docs/en/4x/guide/routing.mdx @@ -6,12 +6,12 @@ description: Learn how to define and use routes in Express.js applications, incl import Alert from '@components/primitives/Alert/Alert.astro'; _Routing_ refers to how an application's endpoints (URIs) respond to client requests. -For an introduction to routing, see [Basic routing](/en/4x/starter/basic-routing). +For an introduction to routing, see [Basic routing](../../starter/basic-routing). You define routing using methods of the Express `app` object that correspond to HTTP methods; for example, `app.get()` to handle GET requests and `app.post` to handle POST requests. For a full list, -see [app.METHOD](/en/4x/api/application#appmethodpath-callback--callback-). You can also use [app.all()](/en/4x/api/application#appallpath-callback--callback-) to handle all HTTP methods and [app.use()](/en/4x/api/application#appusepath-callback--callback) to -specify middleware as the callback function (See [Using middleware](/en/4x/guide/using-middleware) for details). +see [app.METHOD](../../api/application#appmethodpath-callback--callback-). You can also use [app.all()](../../api/application#appallpath-callback--callback-) to handle all HTTP methods and [app.use()](../../api/application#appusepath-callback--callback) to +specify middleware as the callback function (See [Using middleware](../using-middleware) for details). These routing methods specify a callback function (sometimes called "handler functions") called when the application receives a request to the specified route (endpoint) and HTTP method. In other words, the application "listens" for requests that match the specified route(s) and method(s), and when it detects a match, it calls the specified callback function. @@ -50,7 +50,7 @@ app.post('/', (req, res) => { ``` Express supports methods that correspond to all HTTP request methods: `get`, `post`, and so on. -For a full list, see [app.METHOD](/en/4x/api/application#appmethodpath-callback--callback-). +For a full list, see [app.METHOD](../../api/application#appmethodpath-callback--callback-). There is a special routing method, `app.all()`, used to load middleware functions at a path for _all_ HTTP request methods. For example, the following handler is executed for requests to the route `"/secret"` whether using `GET`, `POST`, `PUT`, `DELETE`, or any other HTTP request method supported in the [http module](https://nodejs.org/api/http.html#http_http_methods). @@ -212,12 +212,12 @@ characters with an additional backslash, for example `\\d+`. -The `*` character in regular expressions is not interpreted in the usual way. As a workaround, use `{0,}` instead of `*`. +The [`*`](https://github.com/expressjs/express/issues/2495) character in regular expressions is not interpreted in the usual way. As a workaround, use `{0,}` instead of `*`. ## Route handlers -You can provide multiple callback functions that behave like [middleware](/en/guide/using-middleware) to handle a request. The only exception is that these callbacks might invoke `next('route')` to bypass the remaining route callbacks. You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there's no reason to proceed with the current route. +You can provide multiple callback functions that behave like [middleware](../using-middleware) to handle a request. The only exception is that these callbacks might invoke `next('route')` to bypass the remaining route callbacks. You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there's no reason to proceed with the current route. ```js app.get('/user/:id', (req, res, next) => { @@ -312,22 +312,22 @@ app.get( The methods on the response object (`res`) in the following table can send a response to the client, and terminate the request-response cycle. If none of these methods are called from a route handler, the client request will be left hanging. -| Method | Description | -| ---------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- | -| [res.download()](/en/4x/api/response#resdownloadpath--filename--options--fn) | Prompt a file to be downloaded. | -| [res.end()](/en/4x/api/response#resenddata-encoding-callback) | End the response process. | -| [res.json()](/en/4x/api/response#resjsonbody) | Send a JSON response. | -| [res.jsonp()](/en/4x/api/response#resjsonpbody) | Send a JSON response with JSONP support. | -| [res.redirect()](/en/4x/api/response#resredirectstatus-path) | Redirect a request. | -| [res.render()](/en/4x/api/response#resrenderview--locals--callback) | Render a view template. | -| [res.send()](/en/4x/api/response#ressendbody) | Send a response of various types. | -| [res.sendFile()](/en/4x/api/response#ressendfilepath--options--fn) | Send a file as an octet stream. | -| [res.sendStatus()](/en/4x/api/response#ressendstatusstatuscode) | Set the response status code and send its string representation as the response body. | +| Method | Description | +| --------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- | +| [res.download()](../../api/response#resdownloadpath--filename--options--fn) | Prompt a file to be downloaded. | +| [res.end()](../../api/response#resenddata-encoding-callback) | End the response process. | +| [res.json()](../../api/response#resjsonbody) | Send a JSON response. | +| [res.jsonp()](../../api/response#resjsonpbody) | Send a JSON response with JSONP support. | +| [res.redirect()](../../api/response#resredirectstatus-path) | Redirect a request. | +| [res.render()](../../api/response#resrenderview--locals--callback) | Render a view template. | +| [res.send()](../../api/response#ressendbody) | Send a response of various types. | +| [res.sendFile()](../../api/response#ressendfilepath--options--fn) | Send a file as an octet stream. | +| [res.sendStatus()](../../api/response#ressendstatusstatuscode) | Set the response status code and send its string representation as the response body. | ## app.route() You can create chainable route handlers for a route path by using `app.route()`. -Because the path is specified at a single location, creating modular routes is helpful, as is reducing redundancy and typos. For more information about routes, see: [Router() documentation](/en/4x/api/router). +Because the path is specified at a single location, creating modular routes is helpful, as is reducing redundancy and typos. For more information about routes, see: [Router() documentation](../../api/router). Here is an example of chained route handlers that are defined by using `app.route()`. @@ -388,7 +388,7 @@ app.use('/birds', birds); The app will now be able to handle requests to `/birds` and `/birds/about`, as well as call the `timeLog` middleware function that is specific to the route. -But if the parent route `/birds` has path parameters, it will not be accessible by default from the sub-routes. To make it accessible, you will need to pass the `mergeParams` option to the Router constructor [reference](/en/4x/api/application#appusepath-callback--callback). +But if the parent route `/birds` has path parameters, it will not be accessible by default from the sub-routes. To make it accessible, you will need to pass the `mergeParams` option to the Router constructor [reference](../../api/application#appusepath-callback--callback). ```js const router = express.Router({ mergeParams: true }); diff --git a/src/content/docs/en/4x/guide/using-middleware.mdx b/src/content/docs/en/4x/guide/using-middleware.mdx index 36f8034ef2..b5a1a6796d 100644 --- a/src/content/docs/en/4x/guide/using-middleware.mdx +++ b/src/content/docs/en/4x/guide/using-middleware.mdx @@ -7,7 +7,7 @@ import Alert from '@components/primitives/Alert/Alert.astro'; Express is a routing and middleware web framework that has minimal functionality of its own: An Express application is essentially a series of middleware function calls. -_Middleware_ functions are functions that have access to the [request object](/en/5x/api#req) (`req`), the [response object](/en/5x/api#res) (`res`), and the next middleware function in the application's request-response cycle. The next middleware function is commonly denoted by a variable named `next`. +_Middleware_ functions are functions that have access to the [request object](../../api/request) (`req`), the [response object](../../api/response) (`res`), and the next middleware function in the application's request-response cycle. The next middleware function is commonly denoted by a variable named `next`. Middleware functions can perform the following tasks: @@ -20,18 +20,18 @@ If the current middleware function does not end the request-response cycle, it m An Express application can use the following types of middleware: -- [Application-level middleware](#middleware.application) -- [Router-level middleware](#middleware.router) -- [Error-handling middleware](#middleware.error-handling) -- [Built-in middleware](#middleware.built-in) -- [Third-party middleware](#middleware.third-party) +- [Application-level middleware](#application-level-middleware) +- [Router-level middleware](#router-level-middleware) +- [Error-handling middleware](#error-handling-middleware) +- [Built-in middleware](#built-in-middleware) +- [Third-party middleware](#third-party-middleware) You can load application-level and router-level middleware with an optional mount path. You can also load a series of middleware functions together, which creates a sub-stack of the middleware system at a mount point. ## Application-level middleware -Bind application-level middleware to an instance of the [app object](/en/5x/api#app) by using the `app.use()` and `app.METHOD()` functions, where `METHOD` is the HTTP method of the request that the middleware function handles (such as GET, PUT, or POST) in lowercase. +Bind application-level middleware to an instance of the [app object](../../api/application) by using the `app.use()` and `app.METHOD()` functions, where `METHOD` is the HTTP method of the request that the middleware function handles (such as GET, PUT, or POST) in lowercase. This example shows a middleware function with no mount path. The function is executed every time the app receives a request. @@ -262,7 +262,7 @@ app.use((err, req, res, next) => { }); ``` -For details about error-handling middleware, see: [Error handling](/en/guide/error-handling). +For details about error-handling middleware, see: [Error handling](../error-handling). ## Built-in middleware @@ -271,9 +271,9 @@ functions that were previously included with Express are now in separate modules Express has the following built-in middleware functions: -- [express.static](/en/5x/api#express.static) serves static assets such as HTML files, images, and so on. -- [express.json](/en/5x/api#express.json) parses incoming requests with JSON payloads. **NOTE: Available with Express 4.16.0+** -- [express.urlencoded](/en/5x/api#express.urlencoded) parses incoming requests with URL-encoded payloads. **NOTE: Available with Express 4.16.0+** +- [express.static](../../api/express/#expressstaticroot-options) serves static assets such as HTML files, images, and so on. +- [express.json](../../api/express/#expressjsonoptions) parses incoming requests with JSON payloads. **NOTE: Available with Express 4.16.0+** +- [express.urlencoded](../../api/express/#expressurlencodedoptions) parses incoming requests with URL-encoded payloads. **NOTE: Available with Express 4.16.0+** ## Third-party middleware @@ -296,4 +296,4 @@ const cookieParser = require('cookie-parser'); app.use(cookieParser()); ``` -For a partial list of third-party middleware functions that are commonly used with Express, see: [Third-party middleware](../resources/middleware). +For a partial list of third-party middleware functions that are commonly used with Express, see: [Third-party middleware](../../../resources/middleware). diff --git a/src/content/docs/en/4x/guide/using-template-engines.mdx b/src/content/docs/en/4x/guide/using-template-engines.mdx index 31edcdde82..7c70645ffd 100644 --- a/src/content/docs/en/4x/guide/using-template-engines.mdx +++ b/src/content/docs/en/4x/guide/using-template-engines.mdx @@ -9,9 +9,9 @@ A _template engine_ enables you to use static template files in your application variables in a template file with actual values, and transforms the template into an HTML file sent to the client. This approach makes it easier to design an HTML page. -The [Express application generator](/en/starter/generator) uses [Pug](https://pugjs.org/api/getting-started.html) as its default, but it also supports [Handlebars](https://www.npmjs.com/package/handlebars), and [EJS](https://www.npmjs.com/package/ejs), among others. +The [Express application generator](../../starter/generator) uses [Pug](https://pugjs.org/api/getting-started.html) as its default, but it also supports [Handlebars](https://www.npmjs.com/package/handlebars), and [EJS](https://www.npmjs.com/package/ejs), among others. -To render template files, set the following [application setting properties](/en/4x/api#app.set), in the default `app.js` created by the generator: +To render template files, set the following [application setting properties](../../api/application/#appsetname-value), in the default `app.js` created by the generator: - `views`, the directory where the template files are located. Eg: `app.set('views', './views')`. This defaults to the `views` directory in the application root directory. diff --git a/src/content/docs/en/4x/guide/writing-middleware.mdx b/src/content/docs/en/4x/guide/writing-middleware.mdx index 22354ecbe5..0b797e3fa3 100644 --- a/src/content/docs/en/4x/guide/writing-middleware.mdx +++ b/src/content/docs/en/4x/guide/writing-middleware.mdx @@ -5,7 +5,7 @@ description: Learn how to write custom middleware functions for Express.js appli import Alert from '@components/primitives/Alert/Alert.astro'; -_Middleware_ functions are functions that have access to the [request object](/en/5x/api#req) (`req`), the [response object](/en/5x/api#res) (`res`), and the `next` function in the application's request-response cycle. The `next` function is a function in the Express router which, when invoked, executes the middleware succeeding the current middleware. +_Middleware_ functions are functions that have access to the [request object](../../api/request) (`req`), the [response object](../../api/response) (`res`), and the `next` function in the application's request-response cycle. The `next` function is a function in the Express router which, when invoked, executes the middleware succeeding the current middleware. Middleware functions can perform the following tasks: @@ -39,11 +39,11 @@ The following figure shows the elements of a middleware function call:
- HTTP response argument to the middleware function, called "res" by + HTTP [response](../../api/response) argument to the middleware function, called "res" by convention.
-
HTTP request argument to the middleware function, called "req" by convention.
+
HTTP [request](../../api/request) argument to the middleware function, called "req" by convention.
@@ -171,7 +171,7 @@ async function cookieValidator(cookies) { } ``` -Here, we use the [`cookie-parser`](/en/resources/middleware/cookie-parser) middleware to parse incoming cookies off the `req` object and pass them to our `cookieValidator` function. The `validateCookies` middleware returns a Promise that upon rejection will automatically trigger our error handler. +Here, we use the [`cookie-parser`](../../../resources/middleware/cookie-parser) middleware to parse incoming cookies off the `req` object and pass them to our `cookieValidator` function. The `validateCookies` middleware returns a Promise that upon rejection will automatically trigger our error handler. ```js const express = require('express'); @@ -209,7 +209,7 @@ functions. Because you have access to the request object, the response object, the next middleware function in the stack, and the whole Node.js API, the possibilities with middleware functions are endless. -For more information about Express middleware, see: [Using Express middleware](/en/guide/using-middleware). +For more information about Express middleware, see: [Using Express middleware](../using-middleware). ## Configurable middleware diff --git a/src/content/docs/en/4x/starter/basic-routing.mdx b/src/content/docs/en/4x/starter/basic-routing.mdx index 1d9ee9316e..6d4768513d 100644 --- a/src/content/docs/en/4x/starter/basic-routing.mdx +++ b/src/content/docs/en/4x/starter/basic-routing.mdx @@ -26,7 +26,7 @@ Where: This tutorial assumes that an instance of `express` named `app` is created and the server is running. If you are not familiar with creating an app and starting it, see the [Hello world -example](/en/starter/hello-world). +example](../hello-world). @@ -64,4 +64,4 @@ app.delete('/user', (req, res) => { }); ``` -For more details about routing, see the [routing guide](/en/guide/routing). +For more details about routing, see the [routing guide](../../guide/routing). diff --git a/src/content/docs/en/4x/starter/faq.md b/src/content/docs/en/4x/starter/faq.md index 1adcb7be0e..3d59e34a5d 100755 --- a/src/content/docs/en/4x/starter/faq.md +++ b/src/content/docs/en/4x/starter/faq.md @@ -13,8 +13,8 @@ Routes and other application-specific logic can live in as many files as you wish, in any directory structure you prefer. View the following examples for inspiration: -- [Route listings](https://github.com/expressjs/express/blob/4.13.1/examples/route-separation/index.js#L32-L47) -- [Route map](https://github.com/expressjs/express/blob/4.13.1/examples/route-map/index.js#L52-L66) +- [Route listings](https://github.com/expressjs/express/blob/v4.22.2/examples/route-separation/index.js#L34-L49) +- [Route map](https://github.com/expressjs/express/blob/v4.22.2/examples/route-map/index.js#L55-L69) - [MVC style controllers](https://github.com/expressjs/express/tree/master/examples/mvc) Also, there are third-party extensions for Express, which simplify some of these patterns: @@ -42,7 +42,7 @@ To normalize template engine interfaces and caching, see the [consolidate.js](https://github.com/visionmedia/consolidate.js) project for support. Unlisted template engines might still support the Express signature. -For more information, see [Using template engines with Express](/en/guide/using-template-engines). +For more information, see [Using template engines with Express](../../guide/using-template-engines). ## How do I handle 404 responses? @@ -75,7 +75,7 @@ app.use((err, req, res, next) => { }); ``` -For more information, see [Error handling](/en/guide/error-handling). +For more information, see [Error handling](../../guide/error-handling). ## How do I render plain HTML? @@ -86,5 +86,5 @@ middleware function. ## What version of Node.js does Express require? -- [Express 4.x](/en/4x/api) requires Node.js 0.10 or higher. -- [Express 5.x](/en/5x/api) requires Node.js 18 or higher. +- [Express 4.x](../../../4x/api) requires Node.js 0.10 or higher. +- [Express 5.x](../../../5x/api) requires Node.js 18 or higher. diff --git a/src/content/docs/en/4x/starter/hello-world.mdx b/src/content/docs/en/4x/starter/hello-world.mdx index 63821ba16e..3ba6fb1fec 100644 --- a/src/content/docs/en/4x/starter/hello-world.mdx +++ b/src/content/docs/en/4x/starter/hello-world.mdx @@ -8,7 +8,7 @@ import Alert from '@components/primitives/Alert/Alert.astro'; Embedded below is essentially the simplest Express app you can create. It is a single file app -— _not_ what you'd get if you use the [Express generator](/en/starter/generator), which +— _not_ what you'd get if you use the [Express generator](../generator), which creates the scaffolding for a full app with numerous JavaScript files, Jade templates, and sub-directories for various purposes. @@ -33,7 +33,7 @@ to the root URL (`/`) or _route_. For every other path, it will respond with a * ## Running Locally -First create a directory named `myapp`, change to it and run `npm init`. Then, install `express` as a dependency, as per the [installation guide](/en/starter/installing). +First create a directory named `myapp`, change to it and run `npm init`. Then, install `express` as a dependency, as per the [installation guide](../installing). In the `myapp` directory, create a file named `app.js` and copy the code from the example above. diff --git a/src/content/docs/en/4x/starter/static-files.mdx b/src/content/docs/en/4x/starter/static-files.mdx index 25009911ce..2506633eea 100644 --- a/src/content/docs/en/4x/starter/static-files.mdx +++ b/src/content/docs/en/4x/starter/static-files.mdx @@ -14,7 +14,7 @@ express.static(root, [options]); ``` The `root` argument specifies the root directory from which to serve static assets. -For more information on the `options` argument, see [express.static](/en/5x/api#express.static). +For more information on the `options` argument, see [express.static](../../api/express/#expressstaticroot-options). For example, use the following code to serve images, CSS files, and JavaScript files in a directory named `public`: @@ -51,12 +51,12 @@ Express looks up the files in the order in which you set the static directories For best results, [use a reverse -proxy](/en/advanced/best-practice-performance#use-a-reverse-proxy) cache to improve performance of +proxy](../../../advanced/best-practice-performance/#use-a-reverse-proxy) cache to improve performance of serving static assets. -To create a virtual path prefix (where the path does not actually exist in the file system) for files that are served by the `express.static` function, [specify a mount path](/en/5x/api#app.use) for the static directory, as shown below: +To create a virtual path prefix (where the path does not actually exist in the file system) for files that are served by the `express.static` function, [specify a mount path](../../api/application/#appusepath-callback--callback) for the static directory, as shown below: ```js app.use('/static', express.static('public')); @@ -79,4 +79,4 @@ const path = require('path'); app.use('/static', express.static(path.join(__dirname, 'public'))); ``` -For more details about the `serve-static` function and its options, see [serve-static](/en/resources/middleware/serve-static). +For more details about the `serve-static` function and its options, see [serve-static](../../../resources/middleware/serve-static). diff --git a/src/content/docs/en/5x/guide/behind-proxies.mdx b/src/content/docs/en/5x/guide/behind-proxies.mdx index d96970dd67..414424983a 100644 --- a/src/content/docs/en/5x/guide/behind-proxies.mdx +++ b/src/content/docs/en/5x/guide/behind-proxies.mdx @@ -86,16 +86,17 @@ Enabling `trust proxy` will have the following impact:
  • - The value of [req.hostname](/en/api#req.hostname) is derived from the value set in the + The value of [req.hostname](../../api/request/#reqhostname) is derived from the value set in the `X-Forwarded-Host` header, which can be set by the client or by the proxy.
  • `X-Forwarded-Proto` can be set by the reverse proxy to tell the app whether it is `https` or - `http` or even an invalid name. This value is reflected by [req.protocol](/en/api#req.protocol). + `http` or even an invalid name. This value is reflected by + [req.protocol](../../api/request/#reqprotocol).
  • - The [req.ip](/en/api#req.ip) and [req.ips](/en/api#req.ips) values are populated based on the - socket address and `X-Forwarded-For` header, starting at the first untrusted address. + The [req.ip](/en/api#req.ip) and [req.ips](../../api/request/#reqips) values are populated based + on the socket address and `X-Forwarded-For` header, starting at the first untrusted address.
diff --git a/src/content/docs/en/5x/guide/debugging.mdx b/src/content/docs/en/5x/guide/debugging.mdx index a7750f5427..801bb392b9 100644 --- a/src/content/docs/en/5x/guide/debugging.mdx +++ b/src/content/docs/en/5x/guide/debugging.mdx @@ -18,7 +18,7 @@ On Windows, use the corresponding command. > $env:DEBUG = "express:*"; node index.js ``` -Running this command on the default app generated by the [express generator](/en/starter/generator) prints the following output: +Running this command on the default app generated by the [express generator](../../starter/generator) prints the following output: ```bash $ DEBUG=express:* node ./bin/www diff --git a/src/content/docs/en/5x/guide/error-handling.mdx b/src/content/docs/en/5x/guide/error-handling.mdx index e34218f841..5dde6bd69a 100644 --- a/src/content/docs/en/5x/guide/error-handling.mdx +++ b/src/content/docs/en/5x/guide/error-handling.mdx @@ -190,7 +190,7 @@ function errorHandler(err, req, res, next) { Note that the default error handler can get triggered if you call `next()` with an error in your code more than once, even if custom error handling middleware is in place. -Other error handling middleware can be found at [Express middleware](/en/resources/middleware). +Other error handling middleware can be found at [Express middleware](../../../resources/middleware). ## Writing error handlers diff --git a/src/content/docs/en/5x/guide/overriding-express-api.md b/src/content/docs/en/5x/guide/overriding-express-api.md index f5281a58f5..349d20011c 100644 --- a/src/content/docs/en/5x/guide/overriding-express-api.md +++ b/src/content/docs/en/5x/guide/overriding-express-api.md @@ -14,7 +14,7 @@ Altering the global prototypes will affect all loaded Express apps in the same p You can override the signature and behavior of existing methods with your own, by assigning a custom function. -Following is an example of overriding the behavior of [res.sendStatus](/en/4x/api#res.sendStatus). +Following is an example of overriding the behavior of [res.sendStatus](../../api/response/#ressendstatusstatuscode). ```js app.response.sendStatus = function (statusCode, type, message) { diff --git a/src/content/docs/en/5x/guide/routing.mdx b/src/content/docs/en/5x/guide/routing.mdx index 0b6b0cb7f1..8dca5eb4c3 100644 --- a/src/content/docs/en/5x/guide/routing.mdx +++ b/src/content/docs/en/5x/guide/routing.mdx @@ -6,12 +6,12 @@ description: Learn how to define and use routes in Express.js applications, incl import Alert from '@components/primitives/Alert/Alert.astro'; _Routing_ refers to how an application's endpoints (URIs) respond to client requests. -For an introduction to routing, see [Basic routing](/en/starter/basic-routing). +For an introduction to routing, see [Basic routing](../../starter/basic-routing). You define routing using methods of the Express `app` object that correspond to HTTP methods; for example, `app.get()` to handle GET requests and `app.post` to handle POST requests. For a full list, -see [app.METHOD](/en/5x/api/application#appmethodpath-callback--callback-). You can also use [app.all()](/en/5x/api/application#appallpath-callback--callback-) to handle all HTTP methods and [app.use()](/en/5x/api/application#appusepath-callback--callback) to -specify middleware as the callback function (See [Using middleware](/en/guide/using-middleware) for details). +see [app.METHOD](../../api/application#appmethodpath-callback--callback-). You can also use [app.all()](../../api/application#appallpath-callback--callback-) to handle all HTTP methods and [app.use()](../../api/application#appusepath-callback--callback) to +specify middleware as the callback function (See [Using middleware](../using-middleware) for details). These routing methods specify a callback function (sometimes called "handler functions") called when the application receives a request to the specified route (endpoint) and HTTP method. In other words, the application "listens" for requests that match the specified route(s) and method(s), and when it detects a match, it calls the specified callback function. @@ -50,7 +50,7 @@ app.post('/', (req, res) => { ``` Express supports methods that correspond to all HTTP request methods: `get`, `post`, and so on. -For a full list, see [app.METHOD](/en/5x/api/application#appmethodpath-callback--callback-). +For a full list, see [app.METHOD](../../api/application#appmethodpath-callback--callback-). There is a special routing method, `app.all()`, used to load middleware functions at a path for _all_ HTTP request methods. For example, the following handler is executed for requests to the route `"/secret"` whether using `GET`, `POST`, `PUT`, `DELETE`, or any other HTTP request method supported in the [http module](https://nodejs.org/api/http.html#http_http_methods). @@ -191,13 +191,13 @@ req.params: { "genus": "Prunus", "species": "persica" } Regexp characters are not supported in route paths. Use an array of paths or regular expressions instead. -See the [path route matching syntax](/en/guide/migrating-5#path-syntax) for more information. +See the [path route matching syntax](../../../guide/migrating-5#path-route-matching-syntax) for more information. ## Route handlers -You can provide multiple callback functions that behave like [middleware](/en/guide/using-middleware) to handle a request. The only exception is that these callbacks might invoke `next('route')` to bypass the remaining route callbacks. You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there's no reason to proceed with the current route. +You can provide multiple callback functions that behave like [middleware](../using-middleware) to handle a request. The only exception is that these callbacks might invoke `next('route')` to bypass the remaining route callbacks. You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there's no reason to proceed with the current route. ```js app.get('/user/:id', (req, res, next) => { @@ -292,22 +292,22 @@ app.get( The methods on the response object (`res`) in the following table can send a response to the client, and terminate the request-response cycle. If none of these methods are called from a route handler, the client request will be left hanging. -| Method | Description | -| ---------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- | -| [res.download()](/en/5x/api/response#resdownloadpath--filename--options--fn) | Prompt a file to be downloaded. | -| [res.end()](/en/5x/api/response#resenddata-encoding-callback) | End the response process. | -| [res.json()](/en/5x/api/response#resjsonbody) | Send a JSON response. | -| [res.jsonp()](/en/5x/api/response#resjsonpbody) | Send a JSON response with JSONP support. | -| [res.redirect()](/en/5x/api/response#resredirectstatus-path) | Redirect a request. | -| [res.render()](/en/5x/api/response#resrenderview--locals--callback) | Render a view template. | -| [res.send()](/en/5x/api/response#ressendbody) | Send a response of various types. | -| [res.sendFile()](/en/5x/api/response#ressendfilepath--options--fn) | Send a file as an octet stream. | -| [res.sendStatus()](/en/5x/api/response#ressendstatusstatuscode) | Set the response status code and send its string representation as the response body. | +| Method | Description | +| --------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- | +| [res.download()](../../api/response#resdownloadpath--filename--options--fn) | Prompt a file to be downloaded. | +| [res.end()](../../api/response#resenddata-encoding-callback) | End the response process. | +| [res.json()](../../api/response#resjsonbody) | Send a JSON response. | +| [res.jsonp()](../../api/response#resjsonpbody) | Send a JSON response with JSONP support. | +| [res.redirect()](../../api/response#resredirectstatus-path) | Redirect a request. | +| [res.render()](../../api/response#resrenderview--locals--callback) | Render a view template. | +| [res.send()](../../api/response#ressendbody) | Send a response of various types. | +| [res.sendFile()](../../api/response#ressendfilepath--options--fn) | Send a file as an octet stream. | +| [res.sendStatus()](../../api/response#ressendstatusstatuscode) | Set the response status code and send its string representation as the response body. | ## app.route() You can create chainable route handlers for a route path by using `app.route()`. -Because the path is specified at a single location, creating modular routes is helpful, as is reducing redundancy and typos. For more information about routes, see: [Router() documentation](/en/5x/api/router). +Because the path is specified at a single location, creating modular routes is helpful, as is reducing redundancy and typos. For more information about routes, see: [Router() documentation](../../api/router). Here is an example of chained route handlers that are defined by using `app.route()`. @@ -368,7 +368,7 @@ app.use('/birds', birds); The app will now be able to handle requests to `/birds` and `/birds/about`, as well as call the `timeLog` middleware function that is specific to the route. -But if the parent route `/birds` has path parameters, it will not be accessible by default from the sub-routes. To make it accessible, you will need to pass the `mergeParams` option to the Router constructor [reference](/en/5x/api/application#appusepath-callback--callback). +But if the parent route `/birds` has path parameters, it will not be accessible by default from the sub-routes. To make it accessible, you will need to pass the `mergeParams` option to the Router constructor [reference](../../api/application#appusepath-callback--callback). ```js const router = express.Router({ mergeParams: true }); diff --git a/src/content/docs/en/5x/guide/using-middleware.mdx b/src/content/docs/en/5x/guide/using-middleware.mdx index 36f8034ef2..b5a1a6796d 100644 --- a/src/content/docs/en/5x/guide/using-middleware.mdx +++ b/src/content/docs/en/5x/guide/using-middleware.mdx @@ -7,7 +7,7 @@ import Alert from '@components/primitives/Alert/Alert.astro'; Express is a routing and middleware web framework that has minimal functionality of its own: An Express application is essentially a series of middleware function calls. -_Middleware_ functions are functions that have access to the [request object](/en/5x/api#req) (`req`), the [response object](/en/5x/api#res) (`res`), and the next middleware function in the application's request-response cycle. The next middleware function is commonly denoted by a variable named `next`. +_Middleware_ functions are functions that have access to the [request object](../../api/request) (`req`), the [response object](../../api/response) (`res`), and the next middleware function in the application's request-response cycle. The next middleware function is commonly denoted by a variable named `next`. Middleware functions can perform the following tasks: @@ -20,18 +20,18 @@ If the current middleware function does not end the request-response cycle, it m An Express application can use the following types of middleware: -- [Application-level middleware](#middleware.application) -- [Router-level middleware](#middleware.router) -- [Error-handling middleware](#middleware.error-handling) -- [Built-in middleware](#middleware.built-in) -- [Third-party middleware](#middleware.third-party) +- [Application-level middleware](#application-level-middleware) +- [Router-level middleware](#router-level-middleware) +- [Error-handling middleware](#error-handling-middleware) +- [Built-in middleware](#built-in-middleware) +- [Third-party middleware](#third-party-middleware) You can load application-level and router-level middleware with an optional mount path. You can also load a series of middleware functions together, which creates a sub-stack of the middleware system at a mount point. ## Application-level middleware -Bind application-level middleware to an instance of the [app object](/en/5x/api#app) by using the `app.use()` and `app.METHOD()` functions, where `METHOD` is the HTTP method of the request that the middleware function handles (such as GET, PUT, or POST) in lowercase. +Bind application-level middleware to an instance of the [app object](../../api/application) by using the `app.use()` and `app.METHOD()` functions, where `METHOD` is the HTTP method of the request that the middleware function handles (such as GET, PUT, or POST) in lowercase. This example shows a middleware function with no mount path. The function is executed every time the app receives a request. @@ -262,7 +262,7 @@ app.use((err, req, res, next) => { }); ``` -For details about error-handling middleware, see: [Error handling](/en/guide/error-handling). +For details about error-handling middleware, see: [Error handling](../error-handling). ## Built-in middleware @@ -271,9 +271,9 @@ functions that were previously included with Express are now in separate modules Express has the following built-in middleware functions: -- [express.static](/en/5x/api#express.static) serves static assets such as HTML files, images, and so on. -- [express.json](/en/5x/api#express.json) parses incoming requests with JSON payloads. **NOTE: Available with Express 4.16.0+** -- [express.urlencoded](/en/5x/api#express.urlencoded) parses incoming requests with URL-encoded payloads. **NOTE: Available with Express 4.16.0+** +- [express.static](../../api/express/#expressstaticroot-options) serves static assets such as HTML files, images, and so on. +- [express.json](../../api/express/#expressjsonoptions) parses incoming requests with JSON payloads. **NOTE: Available with Express 4.16.0+** +- [express.urlencoded](../../api/express/#expressurlencodedoptions) parses incoming requests with URL-encoded payloads. **NOTE: Available with Express 4.16.0+** ## Third-party middleware @@ -296,4 +296,4 @@ const cookieParser = require('cookie-parser'); app.use(cookieParser()); ``` -For a partial list of third-party middleware functions that are commonly used with Express, see: [Third-party middleware](../resources/middleware). +For a partial list of third-party middleware functions that are commonly used with Express, see: [Third-party middleware](../../../resources/middleware). diff --git a/src/content/docs/en/5x/guide/using-template-engines.mdx b/src/content/docs/en/5x/guide/using-template-engines.mdx index 31edcdde82..7c70645ffd 100644 --- a/src/content/docs/en/5x/guide/using-template-engines.mdx +++ b/src/content/docs/en/5x/guide/using-template-engines.mdx @@ -9,9 +9,9 @@ A _template engine_ enables you to use static template files in your application variables in a template file with actual values, and transforms the template into an HTML file sent to the client. This approach makes it easier to design an HTML page. -The [Express application generator](/en/starter/generator) uses [Pug](https://pugjs.org/api/getting-started.html) as its default, but it also supports [Handlebars](https://www.npmjs.com/package/handlebars), and [EJS](https://www.npmjs.com/package/ejs), among others. +The [Express application generator](../../starter/generator) uses [Pug](https://pugjs.org/api/getting-started.html) as its default, but it also supports [Handlebars](https://www.npmjs.com/package/handlebars), and [EJS](https://www.npmjs.com/package/ejs), among others. -To render template files, set the following [application setting properties](/en/4x/api#app.set), in the default `app.js` created by the generator: +To render template files, set the following [application setting properties](../../api/application/#appsetname-value), in the default `app.js` created by the generator: - `views`, the directory where the template files are located. Eg: `app.set('views', './views')`. This defaults to the `views` directory in the application root directory. diff --git a/src/content/docs/en/5x/guide/writing-middleware.mdx b/src/content/docs/en/5x/guide/writing-middleware.mdx index 507c3ac06a..054c6e6cb5 100644 --- a/src/content/docs/en/5x/guide/writing-middleware.mdx +++ b/src/content/docs/en/5x/guide/writing-middleware.mdx @@ -5,7 +5,7 @@ description: Learn how to write custom middleware functions for Express.js appli import Alert from '@components/primitives/Alert/Alert.astro'; -_Middleware_ functions are functions that have access to the [request object](/en/5x/api#req) (`req`), the [response object](/en/5x/api#res) (`res`), and the `next` function in the application's request-response cycle. The `next` function is a function in the Express router which, when invoked, executes the middleware succeeding the current middleware. +_Middleware_ functions are functions that have access to the [request object](../../api/request) (`req`), the [response object](../../api/response) (`res`), and the `next` function in the application's request-response cycle. The `next` function is a function in the Express router which, when invoked, executes the middleware succeeding the current middleware. Middleware functions can perform the following tasks: @@ -143,7 +143,7 @@ async function cookieValidator(cookies) { } ``` -Here, we use the [`cookie-parser`](/en/resources/middleware/cookie-parser) middleware to parse incoming cookies off the `req` object and pass them to our `cookieValidator` function. The `validateCookies` middleware returns a Promise that upon rejection will automatically trigger our error handler. +Here, we use the [`cookie-parser`](../../../resources/middleware/cookie-parser) middleware to parse incoming cookies off the `req` object and pass them to our `cookieValidator` function. The `validateCookies` middleware returns a Promise that upon rejection will automatically trigger our error handler. ```js const express = require('express'); @@ -181,7 +181,7 @@ functions. Because you have access to the request object, the response object, the next middleware function in the stack, and the whole Node.js API, the possibilities with middleware functions are endless. -For more information about Express middleware, see: [Using Express middleware](/en/guide/using-middleware). +For more information about Express middleware, see: [Using Express middleware](../using-middleware). ## Configurable middleware diff --git a/src/content/docs/en/5x/starter/basic-routing.mdx b/src/content/docs/en/5x/starter/basic-routing.mdx index 1d9ee9316e..6d4768513d 100644 --- a/src/content/docs/en/5x/starter/basic-routing.mdx +++ b/src/content/docs/en/5x/starter/basic-routing.mdx @@ -26,7 +26,7 @@ Where: This tutorial assumes that an instance of `express` named `app` is created and the server is running. If you are not familiar with creating an app and starting it, see the [Hello world -example](/en/starter/hello-world). +example](../hello-world). @@ -64,4 +64,4 @@ app.delete('/user', (req, res) => { }); ``` -For more details about routing, see the [routing guide](/en/guide/routing). +For more details about routing, see the [routing guide](../../guide/routing). diff --git a/src/content/docs/en/5x/starter/faq.md b/src/content/docs/en/5x/starter/faq.md index 1adcb7be0e..092826fe13 100755 --- a/src/content/docs/en/5x/starter/faq.md +++ b/src/content/docs/en/5x/starter/faq.md @@ -13,8 +13,8 @@ Routes and other application-specific logic can live in as many files as you wish, in any directory structure you prefer. View the following examples for inspiration: -- [Route listings](https://github.com/expressjs/express/blob/4.13.1/examples/route-separation/index.js#L32-L47) -- [Route map](https://github.com/expressjs/express/blob/4.13.1/examples/route-map/index.js#L52-L66) +- [Route listings](https://github.com/expressjs/express/blob/v5.2.1/examples/route-separation/index.js#L34-L49) +- [Route map](https://github.com/expressjs/express/blob/v5.2.1/examples/route-map/index.js#L55-L69) - [MVC style controllers](https://github.com/expressjs/express/tree/master/examples/mvc) Also, there are third-party extensions for Express, which simplify some of these patterns: @@ -42,7 +42,7 @@ To normalize template engine interfaces and caching, see the [consolidate.js](https://github.com/visionmedia/consolidate.js) project for support. Unlisted template engines might still support the Express signature. -For more information, see [Using template engines with Express](/en/guide/using-template-engines). +For more information, see [Using template engines with Express](../../guide/using-template-engines). ## How do I handle 404 responses? @@ -75,7 +75,7 @@ app.use((err, req, res, next) => { }); ``` -For more information, see [Error handling](/en/guide/error-handling). +For more information, see [Error handling](../../guide/error-handling). ## How do I render plain HTML? @@ -86,5 +86,5 @@ middleware function. ## What version of Node.js does Express require? -- [Express 4.x](/en/4x/api) requires Node.js 0.10 or higher. -- [Express 5.x](/en/5x/api) requires Node.js 18 or higher. +- [Express 4.x](../../../4x/api) requires Node.js 0.10 or higher. +- [Express 5.x](../../../5x/api) requires Node.js 18 or higher. diff --git a/src/content/docs/en/5x/starter/hello-world.mdx b/src/content/docs/en/5x/starter/hello-world.mdx index 63821ba16e..3ba6fb1fec 100644 --- a/src/content/docs/en/5x/starter/hello-world.mdx +++ b/src/content/docs/en/5x/starter/hello-world.mdx @@ -8,7 +8,7 @@ import Alert from '@components/primitives/Alert/Alert.astro'; Embedded below is essentially the simplest Express app you can create. It is a single file app -— _not_ what you'd get if you use the [Express generator](/en/starter/generator), which +— _not_ what you'd get if you use the [Express generator](../generator), which creates the scaffolding for a full app with numerous JavaScript files, Jade templates, and sub-directories for various purposes. @@ -33,7 +33,7 @@ to the root URL (`/`) or _route_. For every other path, it will respond with a * ## Running Locally -First create a directory named `myapp`, change to it and run `npm init`. Then, install `express` as a dependency, as per the [installation guide](/en/starter/installing). +First create a directory named `myapp`, change to it and run `npm init`. Then, install `express` as a dependency, as per the [installation guide](../installing). In the `myapp` directory, create a file named `app.js` and copy the code from the example above. diff --git a/src/content/docs/en/5x/starter/static-files.mdx b/src/content/docs/en/5x/starter/static-files.mdx index 25009911ce..2506633eea 100644 --- a/src/content/docs/en/5x/starter/static-files.mdx +++ b/src/content/docs/en/5x/starter/static-files.mdx @@ -14,7 +14,7 @@ express.static(root, [options]); ``` The `root` argument specifies the root directory from which to serve static assets. -For more information on the `options` argument, see [express.static](/en/5x/api#express.static). +For more information on the `options` argument, see [express.static](../../api/express/#expressstaticroot-options). For example, use the following code to serve images, CSS files, and JavaScript files in a directory named `public`: @@ -51,12 +51,12 @@ Express looks up the files in the order in which you set the static directories For best results, [use a reverse -proxy](/en/advanced/best-practice-performance#use-a-reverse-proxy) cache to improve performance of +proxy](../../../advanced/best-practice-performance/#use-a-reverse-proxy) cache to improve performance of serving static assets. -To create a virtual path prefix (where the path does not actually exist in the file system) for files that are served by the `express.static` function, [specify a mount path](/en/5x/api#app.use) for the static directory, as shown below: +To create a virtual path prefix (where the path does not actually exist in the file system) for files that are served by the `express.static` function, [specify a mount path](../../api/application/#appusepath-callback--callback) for the static directory, as shown below: ```js app.use('/static', express.static('public')); @@ -79,4 +79,4 @@ const path = require('path'); app.use('/static', express.static(path.join(__dirname, 'public'))); ``` -For more details about the `serve-static` function and its options, see [serve-static](/en/resources/middleware/serve-static). +For more details about the `serve-static` function and its options, see [serve-static](../../../resources/middleware/serve-static). diff --git a/src/content/pages/en/advanced/best-practice-security.mdx b/src/content/pages/en/advanced/best-practice-security.mdx index 0f1ba53c67..ba60aae46c 100644 --- a/src/content/pages/en/advanced/best-practice-security.mdx +++ b/src/content/pages/en/advanced/best-practice-security.mdx @@ -18,27 +18,25 @@ Policies and Procedures](/en/resources/contributing#security-policies-and-proced Security best practices for Express applications in production include: -- [Production Best Practices: Security](#production-best-practices-security) - - [Overview](#overview) - - [Don't use deprecated or vulnerable versions of Express](#dont-use-deprecated-or-vulnerable-versions-of-express) - - [Use TLS](#use-tls) - - [Do not trust user input](#do-not-trust-user-input) - - [Prevent open redirects](#prevent-open-redirects) - - [Use Helmet](#use-helmet) - - [Reduce fingerprinting](#reduce-fingerprinting) - - [Use cookies securely](#use-cookies-securely) - - [Don't use the default session cookie name](#dont-use-the-default-session-cookie-name) - - [Set cookie security options](#set-cookie-security-options) - - [Prevent brute-force attacks against authorization](#prevent-brute-force-attacks-against-authorization) - - [Ensure your dependencies are secure](#ensure-your-dependencies-are-secure) - - [Avoid other known vulnerabilities](#avoid-other-known-vulnerabilities) - - [Additional considerations](#additional-considerations) +- [Don't use deprecated or vulnerable versions of Express](#dont-use-deprecated-or-vulnerable-versions-of-express) +- [Use TLS](#use-tls) +- [Do not trust user input](#do-not-trust-user-input) + - [Prevent open redirects](#prevent-open-redirects) +- [Use Helmet](#use-helmet) +- [Reduce fingerprinting](#reduce-fingerprinting) +- [Use cookies securely](#use-cookies-securely) + - [Don't use the default session cookie name](#dont-use-the-default-session-cookie-name) + - [Set cookie security options](#set-cookie-security-options) +- [Prevent brute-force attacks against authorization](#prevent-brute-force-attacks-against-authorization) +- [Ensure your dependencies are secure](#ensure-your-dependencies-are-secure) + - [Avoid other known vulnerabilities](#avoid-other-known-vulnerabilities) +- [Additional considerations](#additional-considerations) ## Don't use deprecated or vulnerable versions of Express -Express 2.x and 3.x are no longer maintained. Security and performance issues in these versions won't be fixed. Do not use them! If you haven't moved to version 4, follow the [migration guide](/en/guide/migrating-4) or consider [Commercial Support Options](/en/support#commercial-support-options). +Express 2.x and 3.x are no longer maintained. Security and performance issues in these versions won't be fixed. Do not use them! If you haven't moved to version 4, follow the [migration guide](../../guide/migrating-4) or consider [Commercial Support Options](../../support#commercial-support-options). -Also ensure you are not using any of the vulnerable Express versions listed on the [Security updates page](/en/advanced/security-updates). If you are, update to one of the stable releases, preferably the latest. +Also ensure you are not using any of the vulnerable Express versions listed on the [Security updates page](../security-updates). If you are, update to one of the stable releases, preferably the latest. ## Use TLS diff --git a/src/content/pages/en/advanced/security-updates.mdx b/src/content/pages/en/advanced/security-updates.mdx index 3de8b46feb..cbe954c2c4 100644 --- a/src/content/pages/en/advanced/security-updates.mdx +++ b/src/content/pages/en/advanced/security-updates.mdx @@ -18,7 +18,7 @@ The list below enumerates the Express vulnerabilities that were fixed in the spe If you believe you have discovered a security vulnerability in Express, please see [Security -Policies and Procedures](/en/resources/contributing#security-policies-and-procedures). +Policies and Procedures](../../resources/contributing#security-policies-and-procedures). diff --git a/src/content/pages/en/guide/migrating-4.mdx b/src/content/pages/en/guide/migrating-4.mdx index 42a1b63163..b151a9c545 100644 --- a/src/content/pages/en/guide/migrating-4.mdx +++ b/src/content/pages/en/guide/migrating-4.mdx @@ -9,34 +9,17 @@ Express 4 is a breaking change from Express 3. That means an existing Express 3 This article covers: - +- [Changes in Express 4](#changes-in-express-4). +- [An example](#example-app-migration) of migrating an Express 3 app to Express 4. +- [Upgrading to the Express 4 app generator](#upgrading-to-the-express-4-app-generator). ## Changes in Express 4 There are several significant changes in Express 4: - +- [Changes to Express core and middleware system.](#changes-to-express-core-and-middleware-system) The dependencies on Connect and built-in middleware were removed, so you must add middleware yourself. +- [Changes to the routing system.](#the-routing-system) +- [Various other changes.](#other-changes) See also: @@ -221,7 +204,7 @@ new features to help organize your routes: The new `app.route()` method enables you to create chainable route handlers for a route path. Because the path is specified in a single location, creating modular routes is helpful, as is reducing redundancy and typos. For more -information about routes, see [`Router()` documentation](/en/4x/api#router). +information about routes, see [`Router()` documentation](../../4x/api/router/). Here is an example of chained route handlers that are defined by using the `app.route()` function. diff --git a/src/content/pages/en/guide/migrating-5.mdx b/src/content/pages/en/guide/migrating-5.mdx index b93cec072c..ee89fed472 100644 --- a/src/content/pages/en/guide/migrating-5.mdx +++ b/src/content/pages/en/guide/migrating-5.mdx @@ -103,7 +103,7 @@ Or you can update your code manually: A leading colon character (:) in the name for the `app.param(name, fn)` function is a remnant of Express 3, and for the sake of backwards compatibility, Express 4 supported it with a deprecation notice. Express 5 will silently ignore it and use the name parameter without prefixing it with a colon. -This should not affect your code if you follow the Express 4 documentation of [app.param](/en/4x/api#app.param), as it makes no mention of the leading colon. +This should not affect your code if you follow the Express 4 documentation of [app.param](../../4x/api/application/#appparamname-callback), as it makes no mention of the leading colon. ### req.param(name) @@ -404,7 +404,7 @@ Path route matching syntax is when a string is supplied as the first parameter t Request middleware and handlers that return rejected promises are now handled by forwarding the rejected value as an `Error` to the error handling middleware. This means that using `async` functions as middleware and handlers are easier than ever. When an error is thrown in an `async` function or a rejected promise is `await`ed inside an async function, those errors will be passed to the error handler as if calling `next(err)`. -Details of how Express handles errors is covered in the [error handling documentation](/en/guide/error-handling). +Details of how Express handles errors is covered in the [error handling documentation](../../5x/guide/error-handling). #### How to update diff --git a/src/content/pages/en/resources/community.mdx b/src/content/pages/en/resources/community.mdx index f6aec6398b..27e2eb9163 100755 --- a/src/content/pages/en/resources/community.mdx +++ b/src/content/pages/en/resources/community.mdx @@ -38,11 +38,11 @@ Members of the Express technical committee are: ## Express is made of many modules Our vibrant community has created a large variety of extensions, -[middleware modules](/en/resources/middleware) and higher-level frameworks. +[middleware modules](../middleware) and higher-level frameworks. Additionally, the Express community maintains modules in these two GitHub orgs: -- [jshttp](https://github.com/jshttp) modules providing useful utility functions; see [Utility modules](/en/resources/utils). +- [jshttp](https://github.com/jshttp) modules providing useful utility functions; see [Utility modules](../utils). - [pillarjs](https://github.com/pillarjs): low-level modules that Express uses internally. To keep up with what is going on in the whole community, check out the [ExpressJS StatusBoard](https://expressjs.github.io/statusboard/). diff --git a/src/content/pages/en/resources/contributing.mdx b/src/content/pages/en/resources/contributing.mdx index 6e83079c25..e3b292a74a 100644 --- a/src/content/pages/en/resources/contributing.mdx +++ b/src/content/pages/en/resources/contributing.mdx @@ -9,7 +9,7 @@ Express is an [OpenJS Foundation](https://openjsf.org/) project spread across th ## Technical committee -The Express technical committee consists of active project members, and guides development and maintenance of the Express project. For more information, see [Express Community - Technical committee](/en/resources/community/#technical-committee). +The Express technical committee consists of active project members, and guides development and maintenance of the Express project. For more information, see [Express Community - Technical committee](../community/#technical-committee). ## Community contributing guide diff --git a/src/content/pages/en/resources/glossary.mdx b/src/content/pages/en/resources/glossary.mdx index d0051b3be5..d4e84011e0 100644 --- a/src/content/pages/en/resources/glossary.mdx +++ b/src/content/pages/en/resources/glossary.mdx @@ -7,7 +7,7 @@ import Alert from '@components/primitives/Alert/Alert.astro'; ## application -In general, one or more programs that are designed to carry out operations for a specific purpose. In the context of Express, a program that uses the Express API running on the Node.js platform. Might also refer to an [app object](/en/api#express). +In general, one or more programs that are designed to carry out operations for a specific purpose. In the context of Express, a program that uses the Express API running on the Node.js platform. Might also refer to an [app object](../../api/express). ## API @@ -58,4 +58,4 @@ Part of a URL that identifies a resource. For example, in `http://foo.com/produc ## router -See [router](/en/api#router) in the API reference. +See [router](../../api/router) in the API reference. diff --git a/src/content/pages/en/resources/index.mdx b/src/content/pages/en/resources/index.mdx index 890eb29a75..af7da1f3a0 100644 --- a/src/content/pages/en/resources/index.mdx +++ b/src/content/pages/en/resources/index.mdx @@ -9,31 +9,31 @@ import { CardList } from '@components/patterns'; Find resources to help you learn, contribute, and connect with the Express.js ecosystem. Whether you're looking to get involved in the community, explore middleware, or understand key concepts, you'll find what you need here. - + - + - + - + - + Date: Sat, 23 May 2026 00:54:39 +0200 Subject: [PATCH 06/16] Update a lot of external links - a few HTTP -> HTTPS - some were updated to the URLs that they redirect to - a few had `#` anchors updated - fixed some doc URLs that have moved (Node.js, nginx, systemd) - things that I could not find an up-to date link for, have been changed to Internet Archive links - one link to an example of unsupported product has been removed (closes #2270) --- src/content/api/3x/api/application/index.mdx | 4 +-- src/content/api/3x/api/response/index.mdx | 2 +- src/content/api/4x/api/application/index.mdx | 8 +++--- src/content/api/4x/api/express/index.mdx | 2 +- src/content/api/4x/api/response/index.mdx | 6 ++--- src/content/api/5x/api/application/index.mdx | 8 +++--- src/content/api/5x/api/express/index.mdx | 2 +- src/content/api/5x/api/response/index.mdx | 6 ++--- src/content/docs/en/4x/guide/debugging.mdx | 2 +- src/content/docs/en/4x/starter/examples.mdx | 1 - src/content/docs/en/4x/starter/faq.md | 2 +- src/content/docs/en/5x/guide/debugging.mdx | 2 +- src/content/docs/en/5x/starter/examples.mdx | 1 - src/content/docs/en/5x/starter/faq.md | 2 +- .../en/advanced/best-practice-performance.md | 26 +++++++++---------- .../en/advanced/best-practice-security.mdx | 18 ++++++------- .../advanced/healthcheck-graceful-shutdown.md | 2 +- .../pages/en/advanced/security-updates.mdx | 22 ++++++++-------- src/content/pages/en/guide/migrating-4.mdx | 2 +- .../pages/en/resources/contributing.mdx | 2 +- src/content/pages/en/resources/glossary.mdx | 4 +-- .../pages/en/resources/middleware/index.mdx | 2 +- src/content/pages/en/support.md | 2 +- 23 files changed, 63 insertions(+), 65 deletions(-) diff --git a/src/content/api/3x/api/application/index.mdx b/src/content/api/3x/api/application/index.mdx index 0f7e469613..a9b6fec887 100644 --- a/src/content/api/3x/api/application/index.mdx +++ b/src/content/api/3x/api/application/index.mdx @@ -60,7 +60,7 @@ console.log(app.locals.name); // => if name's variable is used in a template, a ReferenceError will be returned. ``` -The full list of native named properties can be found in many specifications. The JavaScript specification introduced original properties, some of which still recognized by modern engines, and the EcmaScript specification then built on it and normalized the set of properties, adding new ones and removing deprecated ones. Check out properties for Functions and Objects if interested. +The full list of native named properties can be found in many specifications. The JavaScript specification introduced original properties, some of which still recognized by modern engines, and the EcmaScript specification then built on it and normalized the set of properties, adding new ones and removing deprecated ones. Check out properties for Functions and Objects if interested. By default Express exposes only a single app-level local variable, `settings`. @@ -540,7 +540,7 @@ app.render('email', { name: 'Tobi' }, function (err, html) { ### app.listen() Bind and listen for connections on the given host and port, -this method is identical to node's http.Server#listen(). +this method is identical to node's http.Server#listen(). ```js var express = require('express'); diff --git a/src/content/api/3x/api/response/index.mdx b/src/content/api/3x/api/response/index.mdx index c2a7b6d54e..9e18ed6744 100644 --- a/src/content/api/3x/api/response/index.mdx +++ b/src/content/api/3x/api/response/index.mdx @@ -302,7 +302,7 @@ Express supports a few forms of redirection, first being a fully qualified URI for redirecting to a different site: ```js -res.redirect('http://google.com'); +res.redirect('https://google.com'); ``` The second form is the pathname-relative redirect, for example diff --git a/src/content/api/4x/api/application/index.mdx b/src/content/api/4x/api/application/index.mdx index 7b727f8a89..a4f87d0419 100644 --- a/src/content/api/4x/api/application/index.mdx +++ b/src/content/api/4x/api/application/index.mdx @@ -843,12 +843,12 @@ Sub-apps will not inherit the value of `view cache` in production (when `NODE_EN | ------------------------ | --------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------- | | `case sensitive routing` | Boolean | Enable case sensitivity. When enabled, "/Foo" and "/foo" are different routes. When disabled, "/Foo" and "/foo" are treated the same. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | | `env` | String | Environment mode. Be sure to set to "production" in a production environment; see [Production best practices: performance and reliability](/en/advanced/best-practice-performance#env). | `process.env.NODE_ENV` (`NODE_ENV` environment variable) or "development" if `NODE_ENV` is not set. | -| `etag` | Varied | Set the ETag response header. For possible values, see the `etag` options table below. [More about the HTTP ETag header](http://en.wikipedia.org/wiki/HTTP_ETag). | `weak` | +| `etag` | Varied | Set the ETag response header. For possible values, see the `etag` options table below. [More about the HTTP ETag header](https://en.wikipedia.org/wiki/HTTP_ETag). | `weak` | | `jsonp callback name` | String | Specifies the default JSONP callback name. | "callback" | | `json escape` | Boolean | Enable escaping JSON responses from the `res.json`, `res.jsonp`, and `res.send` APIs. This will escape the characters `<`, `>`, and `&` as Unicode escape sequences in JSON. The purpose of this is to assist with [mitigating certain types of persistent XSS attacks](https://blog.mozilla.org/security/2017/07/18/web-service-audits-firefox-accounts/) when clients sniff responses for HTML. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | -| `json replacer` | Varied | The ['replacer' argument used by `JSON.stringify`](https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#The_replacer_parameter). **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | -| `json spaces` | Varied | The ['space' argument used by `JSON.stringify`](https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#The_space_argument). This is typically set to the number of spaces to use to indent prettified JSON. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | -| `query parser` | Varied | Disable query parsing by setting the value to `false`, or set the query parser to use either "simple" or "extended" or a custom query string parsing function. The simple query parser is based on Node's native query parser, [querystring](http://nodejs.org/api/querystring.html). The extended query parser is based on [qs](https://www.npmjs.org/package/qs). A custom query string parsing function will receive the complete query string, and must return an object of query keys and their values. | "extended" | +| `json replacer` | Varied | The ['replacer' argument used by `JSON.stringify`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#the_replacer_parameter). **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | +| `json spaces` | Varied | The ['space' argument used by `JSON.stringify`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#the_space_parameter). This is typically set to the number of spaces to use to indent prettified JSON. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | +| `query parser` | Varied | Disable query parsing by setting the value to `false`, or set the query parser to use either "simple" or "extended" or a custom query string parsing function. The simple query parser is based on Node's native query parser, [querystring](https://nodejs.org/api/querystring.html). The extended query parser is based on [qs](https://www.npmjs.org/package/qs). A custom query string parsing function will receive the complete query string, and must return an object of query keys and their values. | "extended" | | `strict routing` | Boolean | Enable strict routing. When enabled, the router treats "/foo" and "/foo/" as different. Otherwise, the router treats "/foo" and "/foo/" as the same. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | | `subdomain offset` | Number | The number of dot-separated parts of the host to remove to access subdomain. | 2 | | `trust proxy` | Varied | Indicates the app is behind a front-facing proxy, and to use the `X-Forwarded-*` headers to determine the connection and the IP address of the client. NOTE: `X-Forwarded-*` headers are easily spoofed and the detected IP addresses are unreliable. When enabled, Express attempts to determine the IP address of the client connected through the front-facing proxy, or series of proxies. The `req.ips` property, then contains an array of IP addresses the client is connected through. To enable it, use the values described in the trust proxy options table below. The `trust proxy` setting is implemented using the [proxy-addr](https://www.npmjs.org/package/proxy-addr) package. For more information, see its documentation. **NOTE**: Sub-apps _will_ inherit the value of this setting, even though it has a default value. | `false` (disabled) | diff --git a/src/content/api/4x/api/express/index.mdx b/src/content/api/4x/api/express/index.mdx index df904a0a5b..9f7639b9ff 100644 --- a/src/content/api/4x/api/express/index.mdx +++ b/src/content/api/4x/api/express/index.mdx @@ -49,7 +49,7 @@ The following table describes the properties of the optional `options` object. | --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------- | -------------------- | | `inflate` | Enables or disables handling deflated (compressed) bodies; when disabled, deflated bodies are rejected. | Boolean | `true` | | `limit` | Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the [bytes](https://www.npmjs.com/package/bytes) library for parsing. | Mixed | `"100kb"` | -| `reviver` | The `reviver` option is passed directly to `JSON.parse` as the second argument. You can find more information on this argument [in the MDN documentation about JSON.parse](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse#Example.3A_Using_the_reviver_parameter). | Function | `null` | +| `reviver` | The `reviver` option is passed directly to `JSON.parse` as the second argument. You can find more information on this argument [in the MDN documentation about JSON.parse](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse#the_reviver_parameter). | Function | `null` | | `strict` | Enables or disables only accepting arrays and objects; when disabled will accept anything `JSON.parse` accepts. | Boolean | `true` | | `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.org/package/type-is#readme) library and this can be an extension name (like `json`), a mime type (like `application/json`), or a mime type with a wildcard (like `*/*` or `*/json`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/json"` | | `verify` | This option, if supplied, is called as `verify(req, res, buf, encoding)`, where `buf` is a `Buffer` of the raw request body and `encoding` is the encoding of the request. The parsing can be aborted by throwing an error. | Function | `undefined` | diff --git a/src/content/api/4x/api/response/index.mdx b/src/content/api/4x/api/response/index.mdx index 89981a0722..987cf46721 100644 --- a/src/content/api/4x/api/response/index.mdx +++ b/src/content/api/4x/api/response/index.mdx @@ -174,7 +174,7 @@ The `options` parameter is an object that can have the following properties. All `res.cookie()` does is set the HTTP `Set-Cookie` header with the options provided. Any option -not specified defaults to the value stated in [RFC 6265](http://tools.ietf.org/html/rfc6265). +not specified defaults to the value stated in [RFC 6265](https://datatracker.ietf.org/doc/html/rfc6265). @@ -485,7 +485,7 @@ res.redirect('../login'); Redirects can be a fully-qualified URL for redirecting to a different site: ```js -res.redirect('http://google.com'); +res.redirect('https://google.com'); ``` Redirects can be relative to the root of the host name. For example, if the @@ -518,7 +518,7 @@ Path-relative redirects are also possible. If you were on res.redirect('..'); ``` -A `back` redirection redirects the request back to the [referer](http://en.wikipedia.org/wiki/HTTP_referer), +A `back` redirection redirects the request back to the [referer](https://en.wikipedia.org/wiki/HTTP_referer), defaulting to `/` when the referer is missing. ```js diff --git a/src/content/api/5x/api/application/index.mdx b/src/content/api/5x/api/application/index.mdx index 2e8215cfb7..d370ef1565 100644 --- a/src/content/api/5x/api/application/index.mdx +++ b/src/content/api/5x/api/application/index.mdx @@ -781,12 +781,12 @@ Sub-apps will not inherit the value of `view cache` in production (when `NODE_EN | ------------------------ | --------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------- | | `case sensitive routing` | Boolean | Enable case sensitivity. When enabled, "/Foo" and "/foo" are different routes. When disabled, "/Foo" and "/foo" are treated the same. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | | `env` | String | Environment mode. Be sure to set to "production" in a production environment; see [Production best practices: performance and reliability](/en/advanced/best-practice-performance#env). | `process.env.NODE_ENV` (`NODE_ENV` environment variable) or "development" if `NODE_ENV` is not set. | -| `etag` | Varied | Set the ETag response header. For possible values, see the `etag` options table below. [More about the HTTP ETag header](http://en.wikipedia.org/wiki/HTTP_ETag). | `weak` | +| `etag` | Varied | Set the ETag response header. For possible values, see the `etag` options table below. [More about the HTTP ETag header](https://en.wikipedia.org/wiki/HTTP_ETag). | `weak` | | `jsonp callback name` | String | Specifies the default JSONP callback name. | "callback" | | `json escape` | Boolean | Enable escaping JSON responses from the `res.json`, `res.jsonp`, and `res.send` APIs. This will escape the characters `<`, `>`, and `&` as Unicode escape sequences in JSON. The purpose of this is to assist with [mitigating certain types of persistent XSS attacks](https://blog.mozilla.org/security/2017/07/18/web-service-audits-firefox-accounts/) when clients sniff responses for HTML. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | -| `json replacer` | Varied | The ['replacer' argument used by `JSON.stringify`](https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#The_replacer_parameter). **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | -| `json spaces` | Varied | The ['space' argument used by `JSON.stringify`](https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#The_space_argument). This is typically set to the number of spaces to use to indent prettified JSON. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | -| `query parser` | Varied | Disable query parsing by setting the value to `false`, or set the query parser to use either "simple" or "extended" or a custom query string parsing function. The simple query parser is based on Node's native query parser, [querystring](http://nodejs.org/api/querystring.html). The extended query parser is based on [qs](https://www.npmjs.org/package/qs). A custom query string parsing function will receive the complete query string, and must return an object of query keys and their values. | "simple" | +| `json replacer` | Varied | The ['replacer' argument used by `JSON.stringify`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#the_replacer_parameter). **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | +| `json spaces` | Varied | The ['space' argument used by `JSON.stringify`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#the_space_parameter). This is typically set to the number of spaces to use to indent prettified JSON. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | +| `query parser` | Varied | Disable query parsing by setting the value to `false`, or set the query parser to use either "simple" or "extended" or a custom query string parsing function. The simple query parser is based on Node's native query parser, [querystring](https://nodejs.org/api/querystring.html). The extended query parser is based on [qs](https://www.npmjs.org/package/qs). A custom query string parsing function will receive the complete query string, and must return an object of query keys and their values. | "simple" | | `strict routing` | Boolean | Enable strict routing. When enabled, the router treats "/foo" and "/foo/" as different. Otherwise, the router treats "/foo" and "/foo/" as the same. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | | `subdomain offset` | Number | The number of dot-separated parts of the host to remove to access subdomain. | 2 | | `trust proxy` | Varied | Indicates the app is behind a front-facing proxy, and to use the `X-Forwarded-*` headers to determine the connection and the IP address of the client. NOTE: `X-Forwarded-*` headers are easily spoofed and the detected IP addresses are unreliable. When enabled, Express attempts to determine the IP address of the client connected through the front-facing proxy, or series of proxies. The `req.ips` property, then contains an array of IP addresses the client is connected through. To enable it, use the values described in the trust proxy options table below. The `trust proxy` setting is implemented using the [proxy-addr](https://www.npmjs.org/package/proxy-addr) package. For more information, see its documentation. **NOTE**: Sub-apps _will_ inherit the value of this setting, even though it has a default value. | `false` (disabled) | diff --git a/src/content/api/5x/api/express/index.mdx b/src/content/api/5x/api/express/index.mdx index 97d542ce13..0ea7c9a324 100644 --- a/src/content/api/5x/api/express/index.mdx +++ b/src/content/api/5x/api/express/index.mdx @@ -49,7 +49,7 @@ The following table describes the properties of the optional `options` object. | --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------- | -------------------- | | `inflate` | Enables or disables handling deflated (compressed) bodies; when disabled, deflated bodies are rejected. | Boolean | `true` | | `limit` | Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the [bytes](https://www.npmjs.com/package/bytes) library for parsing. | Mixed | `"100kb"` | -| `reviver` | The `reviver` option is passed directly to `JSON.parse` as the second argument. You can find more information on this argument [in the MDN documentation about JSON.parse](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse#Example.3A_Using_the_reviver_parameter). | Function | `null` | +| `reviver` | The `reviver` option is passed directly to `JSON.parse` as the second argument. You can find more information on this argument [in the MDN documentation about JSON.parse](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse#the_reviver_parameter). | Function | `null` | | `strict` | Enables or disables only accepting arrays and objects; when disabled will accept anything `JSON.parse` accepts. | Boolean | `true` | | `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.org/package/type-is#readme) library and this can be an extension name (like `json`), a mime type (like `application/json`), or a mime type with a wildcard (like `*/*` or `*/json`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/json"` | | `verify` | This option, if supplied, is called as `verify(req, res, buf, encoding)`, where `buf` is a `Buffer` of the raw request body and `encoding` is the encoding of the request. The parsing can be aborted by throwing an error. | Function | `undefined` | diff --git a/src/content/api/5x/api/response/index.mdx b/src/content/api/5x/api/response/index.mdx index 10023394e9..efc22659e0 100644 --- a/src/content/api/5x/api/response/index.mdx +++ b/src/content/api/5x/api/response/index.mdx @@ -166,7 +166,7 @@ The `options` parameter is an object that can have the following properties. All `res.cookie()` does is set the HTTP `Set-Cookie` header with the options provided. Any option -not specified defaults to the value stated in [RFC 6265](http://tools.ietf.org/html/rfc6265). +not specified defaults to the value stated in [RFC 6265](https://datatracker.ietf.org/doc/html/rfc6265). @@ -463,7 +463,7 @@ res.redirect('../login'); Redirects can be a fully-qualified URL for redirecting to a different site: ```js -res.redirect('http://google.com'); +res.redirect('https://google.com'); ``` Redirects can be relative to the root of the host name. For example, if the @@ -688,7 +688,7 @@ version being used. -[More about HTTP Status Codes](http://en.wikipedia.org/wiki/List_of_HTTP_status_codes) +[More about HTTP Status Codes](https://en.wikipedia.org/wiki/List_of_HTTP_status_codes) ### res.set(field [, value]) diff --git a/src/content/docs/en/4x/guide/debugging.mdx b/src/content/docs/en/4x/guide/debugging.mdx index 801bb392b9..4a5e74d9bb 100644 --- a/src/content/docs/en/4x/guide/debugging.mdx +++ b/src/content/docs/en/4x/guide/debugging.mdx @@ -118,7 +118,7 @@ When running through Node.js, you can set a few environment variables that will The environment variables beginning with `DEBUG_` end up being converted into an Options object that gets used with `%o`/`%O` formatters. See the Node.js documentation for -[`util.inspect()`](https://nodejs.org/api/util#util_util_inspect_object_options) for the complete +[`util.inspect()`](https://nodejs.org/api/util.html#utilinspectobject-options) for the complete list. diff --git a/src/content/docs/en/4x/starter/examples.mdx b/src/content/docs/en/4x/starter/examples.mdx index 6685b9cbe4..a38dd14df2 100644 --- a/src/content/docs/en/4x/starter/examples.mdx +++ b/src/content/docs/en/4x/starter/examples.mdx @@ -41,5 +41,4 @@ These are some additional examples with more extensive integrations. Expressjs project team. -- [prisma-fullstack](https://github.com/prisma/prisma-examples/tree/latest/pulse/fullstack-simple-chat) - Fullstack app with Express and Next.js using [Prisma](https://www.npmjs.com/package/prisma) as an ORM - [prisma-rest-api-ts](https://github.com/prisma/prisma-examples/tree/latest/orm/express) - REST API with Express in TypeScript using [Prisma](https://www.npmjs.com/package/prisma) as an ORM diff --git a/src/content/docs/en/4x/starter/faq.md b/src/content/docs/en/4x/starter/faq.md index 3d59e34a5d..17175a1f8c 100755 --- a/src/content/docs/en/4x/starter/faq.md +++ b/src/content/docs/en/4x/starter/faq.md @@ -27,7 +27,7 @@ Express has no notion of a database. This concept is left up to third-party Node modules, allowing you to interface with nearly any database. -See [LoopBack](http://loopback.io) for an Express-based framework that is centered around models. +See [LoopBack](https://loopback.io/) for an Express-based framework that is centered around models. ## How can I authenticate users? diff --git a/src/content/docs/en/5x/guide/debugging.mdx b/src/content/docs/en/5x/guide/debugging.mdx index 801bb392b9..4a5e74d9bb 100644 --- a/src/content/docs/en/5x/guide/debugging.mdx +++ b/src/content/docs/en/5x/guide/debugging.mdx @@ -118,7 +118,7 @@ When running through Node.js, you can set a few environment variables that will The environment variables beginning with `DEBUG_` end up being converted into an Options object that gets used with `%o`/`%O` formatters. See the Node.js documentation for -[`util.inspect()`](https://nodejs.org/api/util#util_util_inspect_object_options) for the complete +[`util.inspect()`](https://nodejs.org/api/util.html#utilinspectobject-options) for the complete list. diff --git a/src/content/docs/en/5x/starter/examples.mdx b/src/content/docs/en/5x/starter/examples.mdx index 69f410e908..385c0ef3b9 100644 --- a/src/content/docs/en/5x/starter/examples.mdx +++ b/src/content/docs/en/5x/starter/examples.mdx @@ -45,5 +45,4 @@ Expressjs project team. -- [prisma-fullstack](https://github.com/prisma/prisma-examples/tree/latest/pulse/fullstack-simple-chat) - Fullstack app with Express and Next.js using [Prisma](https://www.npmjs.com/package/prisma) as an ORM - [prisma-rest-api-ts](https://github.com/prisma/prisma-examples/tree/latest/orm/express) - REST API with Express in TypeScript using [Prisma](https://www.npmjs.com/package/prisma) as an ORM diff --git a/src/content/docs/en/5x/starter/faq.md b/src/content/docs/en/5x/starter/faq.md index 092826fe13..5b0339691e 100755 --- a/src/content/docs/en/5x/starter/faq.md +++ b/src/content/docs/en/5x/starter/faq.md @@ -27,7 +27,7 @@ Express has no notion of a database. This concept is left up to third-party Node modules, allowing you to interface with nearly any database. -See [LoopBack](http://loopback.io) for an Express-based framework that is centered around models. +See [LoopBack](https://loopback.io/) for an Express-based framework that is centered around models. ## How can I authenticate users? diff --git a/src/content/pages/en/advanced/best-practice-performance.md b/src/content/pages/en/advanced/best-practice-performance.md index a98c7fcf6a..5d06e9c7e0 100644 --- a/src/content/pages/en/advanced/best-practice-performance.md +++ b/src/content/pages/en/advanced/best-practice-performance.md @@ -41,7 +41,7 @@ const app = express(); app.use(compression()); ``` -For a high-traffic website in production, the best way to put compression in place is to implement it at a reverse proxy level (see [Use a reverse proxy](#use-a-reverse-proxy)). In that case, you do not need to use compression middleware. For details on enabling gzip compression in Nginx, see [Module ngx_http_gzip_module](http://nginx.org/en/docs/http/ngx_http_gzip_module) in the Nginx documentation. +For a high-traffic website in production, the best way to put compression in place is to implement it at a reverse proxy level (see [Use a reverse proxy](#use-a-reverse-proxy)). In that case, you do not need to use compression middleware. For details on enabling gzip compression in Nginx, see [Module ngx_http_gzip_module](https://nginx.org/en/docs/http/ngx_http_gzip_module.html) in the Nginx documentation. ### Don't use synchronous functions @@ -49,11 +49,11 @@ Synchronous functions and methods tie up the executing process until they return Although Node and many modules provide synchronous and asynchronous versions of their functions, always use the asynchronous version in production. The only time when a synchronous function can be justified is upon initial startup. -You can use the `--trace-sync-io` command-line flag to print a warning and a stack trace whenever your application uses a synchronous API. Of course, you wouldn't want to use this in production, but rather to ensure that your code is ready for production. See the [node command-line options documentation](https://nodejs.org/api/cli#cli_trace_sync_io) for more information. +You can use the `--trace-sync-io` command-line flag to print a warning and a stack trace whenever your application uses a synchronous API. Of course, you wouldn't want to use this in production, but rather to ensure that your code is ready for production. See the [node command-line options documentation](https://nodejs.org/api/cli.html#trace-sync-io) for more information. ### Do logging correctly -In general, there are two reasons for logging from your app: For debugging and for logging app activity (essentially, everything else). Using `console.log()` or `console.error()` to print log messages to the terminal is common practice in development. But [these functions are synchronous](https://nodejs.org/api/console#console) when the destination is a terminal or a file, so they are not suitable for production, unless you pipe the output to another program. +In general, there are two reasons for logging from your app: For debugging and for logging app activity (essentially, everything else). Using `console.log()` or `console.error()` to print log messages to the terminal is common practice in development. But [these functions are synchronous](https://nodejs.org/api/console.html#console) when the destination is a terminal or a file, so they are not suitable for production, unless you pipe the output to another program. #### For debugging @@ -76,7 +76,7 @@ Before diving into these topics, you should have a basic understanding of Node/E For more on the fundamentals of error handling, see: -- [Error Handling in Node.js](https://www.tritondatacenter.com/node-js/production/design/errors) +- [Error Handling in Node.js](https://web.archive.org/web/20210619211351/https://www.joyent.com/node-js/production/design/errors) #### Use try-catch @@ -134,9 +134,9 @@ Best practice is to handle errors as close to the site as possible. So while thi One thing you should _not_ do is to listen for the `uncaughtException` event, emitted when an exception bubbles all the way back to the event loop. Adding an event listener for `uncaughtException` will change the default behavior of the process that is encountering an exception; the process will continue to run despite the exception. This might sound like a good way of preventing your app from crashing, but continuing to run the app after an uncaught exception is a dangerous practice and is not recommended, because the state of the process becomes unreliable and unpredictable. -Additionally, using `uncaughtException` is officially recognized as [crude](https://nodejs.org/api/process#process_event_uncaughtexception). So listening for `uncaughtException` is just a bad idea. This is why we recommend things like multiple processes and supervisors: crashing and restarting is often the most reliable way to recover from an error. +Additionally, using `uncaughtException` is officially recognized as [crude](https://nodejs.org/api/process.html#event-uncaughtexception). So listening for `uncaughtException` is just a bad idea. This is why we recommend things like multiple processes and supervisors: crashing and restarting is often the most reliable way to recover from an error. -We also don't recommend using [domains](https://nodejs.org/api/domain). It generally doesn't solve the problem and is a deprecated module. +We also don't recommend using [domains](https://nodejs.org/api/domain.html). It generally doesn't solve the problem and is a deprecated module. ## Things to do in your environment / setup @@ -159,7 +159,7 @@ Setting NODE_ENV to "production" makes Express: - Cache CSS files generated from CSS extensions. - Generate less verbose error messages. -[Tests indicate](https://www.dynatrace.com/news/blog/the-drastic-effects-of-omitting-node-env-in-your-express-js-applications/) that just doing this can improve app performance by a factor of three! +[Tests indicate](https://web.archive.org/web/20250814011110/https://www.dynatrace.com/news/blog/the-drastic-effects-of-omitting-node-env-in-your-express-js-applications/) that just doing this can improve app performance by a factor of three! If you need to write environment-specific code, you can check the value of NODE_ENV with `process.env.NODE_ENV`. Be aware that checking the value of any environment variable incurs a performance penalty, and so should be done sparingly. @@ -240,7 +240,7 @@ Restart=always WantedBy=multi-user.target ``` -For more information on systemd, see the [systemd reference (man page)](http://www.freedesktop.org/software/systemd/man/systemd.unit). +For more information on systemd, see the [systemd reference (man page)](https://www.freedesktop.org/software/systemd/man/latest/systemd.unit.html). ### Run your app in a cluster @@ -248,13 +248,13 @@ In a multi-core system, you can increase the performance of a Node app by many t ![Balancing between application instances using the cluster API](/images/clustering.png) -IMPORTANT: Since the app instances run as separate processes, they do not share the same memory space. That is, objects are local to each instance of the app. Therefore, you cannot maintain state in the application code. However, you can use an in-memory datastore like [Redis](http://redis.io/) to store session-related data and state. This caveat applies to essentially all forms of horizontal scaling, whether clustering with multiple processes or multiple physical servers. +IMPORTANT: Since the app instances run as separate processes, they do not share the same memory space. That is, objects are local to each instance of the app. Therefore, you cannot maintain state in the application code. However, you can use an in-memory datastore like [Redis](https://redis.io/) to store session-related data and state. This caveat applies to essentially all forms of horizontal scaling, whether clustering with multiple processes or multiple physical servers. In clustered apps, worker processes can crash individually without affecting the rest of the processes. Apart from performance advantages, failure isolation is another reason to run a cluster of app processes. Whenever a worker process crashes, always make sure to log the event and spawn a new process using cluster.fork(). #### Using Node's cluster module -Clustering is made possible with Node's [cluster module](https://nodejs.org/api/cluster). This enables a master process to spawn worker processes and distribute incoming connections among the workers. +Clustering is made possible with Node's [cluster module](https://nodejs.org/api/cluster.html). This enables a master process to spawn worker processes and distribute incoming connections among the workers. #### Using PM2 @@ -288,13 +288,13 @@ For more information on clustering with PM2, see [Cluster Mode](https://pm2.keym Another strategy to improve the performance in production is to cache the result of requests, so that your app does not repeat the operation to serve the same request repeatedly. -Use a caching server like [Varnish](https://www.varnish-cache.org/) or [Nginx](https://blog.nginx.org/blog/nginx-caching-guide) (see also [Nginx Caching](https://serversforhackers.com/nginx-caching/)) to greatly improve the speed and performance of your app. +Use a caching server like [Varnish](https://www.varnish.org/) or [Nginx](https://blog.nginx.org/blog/nginx-caching-guide) (see also [Nginx Caching](https://serversforhackers.com/c/nginx-caching)) to greatly improve the speed and performance of your app. ### Use a load balancer No matter how optimized an app is, a single instance can handle only a limited amount of load and traffic. One way to scale an app is to run multiple instances of it and distribute the traffic via a load balancer. Setting up a load balancer can improve your app's performance and speed, and enable it to scale more than is possible with a single instance. -A load balancer is usually a reverse proxy that orchestrates traffic to and from multiple application instances and servers. You can easily set up a load balancer for your app by using [Nginx](https://nginx.org/en/docs/http/load_balancing) or [HAProxy](https://www.digitalocean.com/community/tutorials/an-introduction-to-haproxy-and-load-balancing-concepts). +A load balancer is usually a reverse proxy that orchestrates traffic to and from multiple application instances and servers. You can easily set up a load balancer for your app by using [Nginx](https://nginx.org/en/docs/http/load_balancing.html) or [HAProxy](https://www.digitalocean.com/community/tutorials/an-introduction-to-haproxy-and-load-balancing-concepts). With load balancing, you might have to ensure that requests that are associated with a particular session ID connect to the process that originated them. This is known as _session affinity_, or _sticky sessions_, and may be addressed by the suggestion above to use a data store such as Redis for session data (depending on your application). For a discussion, see [Using multiple nodes](https://socket.io/docs/v4/using-multiple-nodes/). @@ -302,4 +302,4 @@ With load balancing, you might have to ensure that requests that are associated A reverse proxy sits in front of a web app and performs supporting operations on the requests, apart from directing requests to the app. It can handle error pages, compression, caching, serving files, and load balancing among other things. -Handing over tasks that do not require knowledge of application state to a reverse proxy frees up Express to perform specialized application tasks. For this reason, it is recommended to run Express behind a reverse proxy like [Nginx](https://www.nginx.org/) or [HAProxy](https://www.haproxy.org/) in production. +Handing over tasks that do not require knowledge of application state to a reverse proxy frees up Express to perform specialized application tasks. For this reason, it is recommended to run Express behind a reverse proxy like [Nginx](https://nginx.org/) or [HAProxy](https://www.haproxy.org/) in production. diff --git a/src/content/pages/en/advanced/best-practice-security.mdx b/src/content/pages/en/advanced/best-practice-security.mdx index ba60aae46c..a11c84d4c5 100644 --- a/src/content/pages/en/advanced/best-practice-security.mdx +++ b/src/content/pages/en/advanced/best-practice-security.mdx @@ -42,7 +42,7 @@ Also ensure you are not using any of the vulnerable Express versions listed on t If your app deals with or transmits sensitive data, use [Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security) (TLS) to secure the connection and the data. This technology encrypts data before it is sent from the client to the server, thus preventing some common (and easy) hacks. Although Ajax and POST requests might not be visibly obvious and seem "hidden" in browsers, their network traffic is vulnerable to [packet sniffing](https://en.wikipedia.org/wiki/Packet_analyzer) and [man-in-the-middle attacks](https://en.wikipedia.org/wiki/Man-in-the-middle_attack). -You may be familiar with Secure Socket Layer (SSL) encryption. [TLS is simply the next progression of SSL](). In other words, if you were using SSL before, consider upgrading to TLS. In general, we recommend Nginx to handle TLS. For a good reference to configure TLS on Nginx (and other servers), see [Recommended Server Configurations (Mozilla Wiki)](https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Server_Configurations). +You may be familiar with Secure Socket Layer (SSL) encryption. [TLS is simply the next progression of SSL](https://learn.microsoft.com/en-us/windows/win32/secauthn/tls-versus-ssl). In other words, if you were using SSL before, consider upgrading to TLS. In general, we recommend Nginx to handle TLS. For a good reference to configure TLS on Nginx (and other servers), see [Recommended Server Configurations (Mozilla Wiki)](https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Server_Configurations). Also, a handy tool to get a free TLS certificate is [Let's Encrypt](https://letsencrypt.org/about/), a free, automated, and open certificate authority (CA) provided by the [Internet Security Research Group (ISRG)](https://www.abetterinternet.org/). @@ -83,9 +83,9 @@ Helmet is a middleware function that sets security-related HTTP response headers - `Cross-Origin-Opener-Policy`: Helps process-isolate your page - `Cross-Origin-Resource-Policy`: Blocks others from loading your resources cross-origin - `Origin-Agent-Cluster`: Changes process isolation to be origin-based -- `Referrer-Policy`: Controls the [`Referer`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referer) header +- `Referrer-Policy`: Controls the [`Referer`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Referer) header - `Strict-Transport-Security`: Tells browsers to prefer HTTPS -- `X-Content-Type-Options`: Avoids [MIME sniffing](https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types#mime_sniffing) +- `X-Content-Type-Options`: Avoids [MIME sniffing](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/MIME_types#mime_sniffing) - `X-DNS-Prefetch-Control`: Controls DNS prefetching - `X-Download-Options`: Forces downloads to be saved (Internet Explorer only) - `X-Frame-Options`: Legacy header that mitigates [Clickjacking](https://en.wikipedia.org/wiki/Clickjacking) attacks @@ -242,7 +242,7 @@ $ npm audit If you want to stay more secure, consider [Snyk](https://snyk.io/). -Snyk offers both a [command-line tool](https://www.npmjs.com/package/snyk) and a [GitHub integration](https://snyk.io/docs/github) that checks your application against [Snyk's open source vulnerability database](https://snyk.io/vuln/) for any known vulnerabilities in your dependencies. Install the CLI as follows: +Snyk offers both a [command-line tool](https://www.npmjs.com/package/snyk) and a [GitHub integration](https://docs.snyk.io/discover-snyk/getting-started) that checks your application against [Snyk's open source vulnerability database](https://security.snyk.io/) for any known vulnerabilities in your dependencies. Install the CLI as follows: ```bash $ npm install -g snyk @@ -257,9 +257,9 @@ $ snyk test ### Avoid other known vulnerabilities -Keep an eye out for [Node Security Project](https://npmjs.com/advisories) or [Snyk](https://snyk.io/vuln/) advisories that may affect Express or other modules that your app uses. In general, these databases are excellent resources for knowledge and tools about Node security. +Keep an eye out for [GitHub Advisory Database](https://github.com/advisories?query=ecosystem%3Anpm) or [Snyk](https://security.snyk.io/vuln/npm) advisories that may affect Express or other modules that your app uses. In general, these databases are excellent resources for knowledge and tools about Node security. -Finally, Express apps—like any other web apps—can be vulnerable to a variety of web-based attacks. Familiarize yourself with known [web vulnerabilities](https://www.owasp.org/www-project-top-ten/) and take precautions to avoid them. +Finally, Express apps—like any other web apps—can be vulnerable to a variety of web-based attacks. Familiarize yourself with known [web vulnerabilities](https://owasp.org/www-project-top-ten/) and take precautions to avoid them. ## Additional considerations @@ -267,8 +267,8 @@ Here are some further recommendations from the excellent [Node.js Security Check - Always filter and sanitize user input to protect against cross-site scripting (XSS) and command injection attacks. - Defend against SQL injection attacks by using parameterized queries or prepared statements. -- Use the open-source [sqlmap](http://sqlmap.org/) tool to detect SQL injection vulnerabilities in your app. +- Use the open-source [sqlmap](https://sqlmap.org/) tool to detect SQL injection vulnerabilities in your app. - Use the [nmap](https://nmap.org/) and [sslyze](https://github.com/nabla-c0d3/sslyze) tools to test the configuration of your SSL ciphers, keys, and renegotiation as well as the validity of your certificate. -- Use [safe-regex](https://www.npmjs.com/package/safe-regex) to ensure your regular expressions are not susceptible to [regular expression denial of service](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS) attacks. +- Use [safe-regex](https://www.npmjs.com/package/safe-regex) to ensure your regular expressions are not susceptible to [regular expression denial of service](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS) attacks. -[helmet]: https://helmetjs.github.io/ +[helmet]: https://helmet.js.org/ diff --git a/src/content/pages/en/advanced/healthcheck-graceful-shutdown.md b/src/content/pages/en/advanced/healthcheck-graceful-shutdown.md index c060e58605..5d7b87ac11 100644 --- a/src/content/pages/en/advanced/healthcheck-graceful-shutdown.md +++ b/src/content/pages/en/advanced/healthcheck-graceful-shutdown.md @@ -22,7 +22,7 @@ process.on('SIGTERM', () => { ## Health checks -A load balancer uses health checks to determine if an application instance is healthy and can accept requests. For example, [Kubernetes has two health checks](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/): +A load balancer uses health checks to determine if an application instance is healthy and can accept requests. For example, [Kubernetes has two health checks](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes//): - `liveness`, that determines when to restart a container. - `readiness`, that determines when a container is ready to start accepting traffic. When a pod is not ready, it is removed from the service load balancers. diff --git a/src/content/pages/en/advanced/security-updates.mdx b/src/content/pages/en/advanced/security-updates.mdx index cbe954c2c4..a8e4f2451b 100644 --- a/src/content/pages/en/advanced/security-updates.mdx +++ b/src/content/pages/en/advanced/security-updates.mdx @@ -29,32 +29,32 @@ Policies and Procedures](../../resources/contributing#security-policies-and-proc - 4.21.1 - The dependency `cookie` has been updated to address a [vulnerability](https://github.com/jshttp/cookie/security/advisories/GHSA-pxg6-pf52-xh8x), This may affect your application if you use `res.cookie`. - 4.20.0 - - Fixed XSS vulnerability in `res.redirect` ([advisory](https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx), [CVE-2024-43796](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43796)). + - Fixed XSS vulnerability in `res.redirect` ([advisory](https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx), [CVE-2024-43796](https://www.cve.org/CVERecord?id=CVE-2024-43796)). - The dependency `serve-static` has been updated to address a [vulnerability](https://github.com/advisories/GHSA-cm22-4g7w-348p). - The dependency `send` has been updated to address a [vulnerability](https://github.com/advisories/GHSA-m6fv-jmcg-4jfg). - The dependency `path-to-regexp` has been updated to address a [vulnerability](https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j). - The dependency `body-parser` has been updated to addres a [vulnerability](https://github.com/advisories/GHSA-qwcr-r2fm-qrc7), This may affect your application if you had url enconding activated. - 4.19.0, 4.19.1 - - Fixed open redirect vulnerability in `res.location` and `res.redirect` ([advisory](https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc), [CVE-2024-29041](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29041)). + - Fixed open redirect vulnerability in `res.location` and `res.redirect` ([advisory](https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc), [CVE-2024-29041](https://www.cve.org/CVERecord?id=CVE-2024-29041)). - 4.17.3 - The dependency `qs` has been updated to address a [vulnerability](https://github.com/advisories/GHSA-hrpp-h998-j3pp). This may affect your application if the following APIs are used: `req.query`, `req.body`, `req.param`. - 4.16.0 - - The dependency `forwarded` has been updated to address a [vulnerability](https://npmjs.com/advisories/527). This may affect your application if the following APIs are used: `req.host`, `req.hostname`, `req.ip`, `req.ips`, `req.protocol`. - - The dependency `mime` has been updated to address a [vulnerability](https://npmjs.com/advisories/535), but this issue does not impact Express. + - The dependency `forwarded` has been updated to address a [vulnerability](https://github.com/advisories/GHSA-mpcf-4gmh-23w8). This may affect your application if the following APIs are used: `req.host`, `req.hostname`, `req.ip`, `req.ips`, `req.protocol`. + - The dependency `mime` has been updated to address a [vulnerability](https://github.com/advisories/GHSA-wrvr-8mpx-r7pp), but this issue does not impact Express. - The dependency `send` has been updated to provide a protection against a [Node.js 8.5.0 vulnerability](https://nodejs.org/en/blog/vulnerability/september-2017-path-validation/). This only impacts running Express on the specific Node.js version 8.5.0. - 4.15.5 - - The dependency `debug` has been updated to address a [vulnerability](https://snyk.io/vuln/npm:debug:20170905), but this issue does not impact Express. - - The dependency `fresh` has been updated to address a [vulnerability](https://npmjs.com/advisories/526). This will affect your application if the following APIs are used: `express.static`, `req.fresh`, `res.json`, `res.jsonp`, `res.send`, `res.sendfile` `res.sendFile`, `res.sendStatus`. + - The dependency `debug` has been updated to address a [vulnerability](https://security.snyk.io/vuln/npm:debug:20170905), but this issue does not impact Express. + - The dependency `fresh` has been updated to address a [vulnerability](https://github.com/advisories/GHSA-9qj9-36jm-prpv). This will affect your application if the following APIs are used: `express.static`, `req.fresh`, `res.json`, `res.jsonp`, `res.send`, `res.sendfile` `res.sendFile`, `res.sendStatus`. - 4.15.3 - - The dependency `ms` has been updated to address a [vulnerability](https://snyk.io/vuln/npm:ms:20170412). This may affect your application if untrusted string input is passed to the `maxAge` option in the following APIs: `express.static`, `res.sendfile`, and `res.sendFile`. + - The dependency `ms` has been updated to address a [vulnerability](https://security.snyk.io/vuln/npm:ms:20170412). This may affect your application if untrusted string input is passed to the `maxAge` option in the following APIs: `express.static`, `res.sendfile`, and `res.sendFile`. - 4.15.2 - - The dependency `qs` has been updated to address a [vulnerability](https://snyk.io/vuln/npm:qs:20170213), but this issue does not impact Express. Updating to 4.15.2 is a good practice, but not required to address the vulnerability. + - The dependency `qs` has been updated to address a [vulnerability](https://security.snyk.io/vuln/npm:qs:20170213), but this issue does not impact Express. Updating to 4.15.2 is a good practice, but not required to address the vulnerability. - 4.11.1 - Fixed root path disclosure vulnerability in `express.static`, `res.sendfile`, and `res.sendFile` - 4.10.7 - - Fixed open redirect vulnerability in `express.static` ([advisory](https://npmjs.com/advisories/35), [CVE-2015-1164](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1164)). + - Fixed open redirect vulnerability in `express.static` ([advisory](https://github.com/advisories/GHSA-c3x7-gjmx-r2ff), [CVE-2015-1164](https://www.cve.org/CVERecord?id=CVE-2015-1164)). - 4.8.8 - - Fixed directory traversal vulnerabilities in `express.static` ([advisory](http://npmjs.com/advisories/32) , [CVE-2014-6394](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6394)). + - Fixed directory traversal vulnerabilities in `express.static` ([advisory](https://github.com/advisories/GHSA-xwg4-93c6-3h42) , [CVE-2014-6394](https://www.cve.org/CVERecord?id=CVE-2014-6394)). - 4.8.4 - Node.js 0.10 can leak `fd`s in certain situations that affect `express.static` and `res.sendfile`. Malicious requests could cause `fd`s to leak and eventually lead to `EMFILE` errors and server unresponsiveness. - 4.8.0 @@ -75,7 +75,7 @@ If you are unable to upgrade past 3.x, please consider [Commercial Support Optio - 3.19.1 - Fixed root path disclosure vulnerability in `express.static`, `res.sendfile`, and `res.sendFile` - 3.19.0 - - Fixed open redirect vulnerability in `express.static` ([advisory](https://npmjs.com/advisories/35), [CVE-2015-1164](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1164)). + - Fixed open redirect vulnerability in `express.static` ([advisory](https://github.com/advisories/GHSA-c3x7-gjmx-r2ff), [CVE-2015-1164](https://www.cve.org/CVERecord?id=CVE-2015-1164)). - 3.16.10 - Fixed directory traversal vulnerabilities in `express.static`. - 3.16.6 diff --git a/src/content/pages/en/guide/migrating-4.mdx b/src/content/pages/en/guide/migrating-4.mdx index b151a9c545..fcfe6415c7 100644 --- a/src/content/pages/en/guide/migrating-4.mdx +++ b/src/content/pages/en/guide/migrating-4.mdx @@ -580,7 +580,7 @@ Command options and use largely remain the same, with the following exceptions: - Removed the `--sessions` option. - Removed the `--jshtml` option. -- Added the `--hogan` option to support [Hogan.js](http://twitter.github.io/hogan.js/). +- Added the `--hogan` option to support [Hogan.js](https://twitter.github.io/hogan.js/). ### Example diff --git a/src/content/pages/en/resources/contributing.mdx b/src/content/pages/en/resources/contributing.mdx index e3b292a74a..1b8e952bea 100644 --- a/src/content/pages/en/resources/contributing.mdx +++ b/src/content/pages/en/resources/contributing.mdx @@ -332,7 +332,7 @@ This allows us to collaborate on a fix while maintaining the confidentiality of the report. To report a vulnerability -([docs](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability)): +([docs](https://docs.github.com/en/code-security/how-tos/report-and-fix-vulnerabilities/privately-reporting-a-security-vulnerability)): 1. Visit the **Security** tab of the affected repository on GitHub. 2. Click **Report a vulnerability** and follow the provided steps. diff --git a/src/content/pages/en/resources/glossary.mdx b/src/content/pages/en/resources/glossary.mdx index d4e84011e0..2bb348af2a 100644 --- a/src/content/pages/en/resources/glossary.mdx +++ b/src/content/pages/en/resources/glossary.mdx @@ -35,7 +35,7 @@ A software platform that is used to build scalable network applications. Node.js ## open-source, open source -When used as an adjective, hyphenate; for example: "This is open-source software." See [Open-source software on Wikipedia](http://en.wikipedia.org/wiki/Open-source_software). +When used as an adjective, hyphenate; for example: "This is open-source software." See [Open-source software on Wikipedia](https://en.wikipedia.org/wiki/Open-source_software). @@ -46,7 +46,7 @@ hyphenating a compound adjective. ## request -An HTTP request. A client submits an HTTP request message to a server, which returns a response. The request must use one of several [request methods](https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol#Request_methods) such as GET, POST, and so on. +An HTTP request. A client submits an HTTP request message to a server, which returns a response. The request must use one of several [request methods](https://en.wikipedia.org/wiki/HTTP#Request_methods) such as GET, POST, and so on. ## response diff --git a/src/content/pages/en/resources/middleware/index.mdx b/src/content/pages/en/resources/middleware/index.mdx index 24a2a66512..258a85f355 100644 --- a/src/content/pages/en/resources/middleware/index.mdx +++ b/src/content/pages/en/resources/middleware/index.mdx @@ -24,7 +24,7 @@ The Express middleware modules listed here are maintained by the | [serve-index](/en/resources/middleware/serve-index) | Serve directory listing for a given path. | | [serve-static](/en/resources/middleware/serve-static) | Serve static files. | | [session](/en/resources/middleware/session) | Establish server-based sessions (development only). | -| [timeout](/en/resources/middleware/timeout) | Set a timeout perioHTTP request processing. | +| [timeout](/en/resources/middleware/timeout) | Set a timeout period for HTTP request processing. | | [vhost](/en/resources/middleware/vhost) | Create virtual domains. | ## Additional middleware modules diff --git a/src/content/pages/en/support.md b/src/content/pages/en/support.md index 8d2612c702..3c5cec7e69 100644 --- a/src/content/pages/en/support.md +++ b/src/content/pages/en/support.md @@ -20,4 +20,4 @@ Versions that are EOL (end-of-life) _may_ receive updates for critical security If you are unable to update to a supported version of Express, please contact one of our partners to receive security updates: -- [HeroDevs Never-Ending Support](http://www.herodevs.com/support/express-nes?utm_source=expressjs&utm_medium=link&utm_campaign=express_eol_page) +- [HeroDevs Never-Ending Support](https://www.herodevs.com/support/express-nes?utm_source=expressjs&utm_medium=link&utm_campaign=express_eol_page) From 4480e89ad4b8eb3dbe885069f4059598201b9d35 Mon Sep 17 00:00:00 2001 From: krzysdz Date: Sat, 23 May 2026 00:56:05 +0200 Subject: [PATCH 07/16] Change old npmjs.org links to npmjs.com --- src/content/api/4x/api/application/index.mdx | 6 +++--- src/content/api/4x/api/express/index.mdx | 12 ++++++------ src/content/api/4x/api/request/index.mdx | 2 +- src/content/api/4x/api/response/index.mdx | 4 ++-- src/content/api/5x/api/application/index.mdx | 6 +++--- src/content/api/5x/api/express/index.mdx | 12 ++++++------ src/content/api/5x/api/request/index.mdx | 2 +- src/content/api/5x/api/response/index.mdx | 4 ++-- 8 files changed, 24 insertions(+), 24 deletions(-) diff --git a/src/content/api/4x/api/application/index.mdx b/src/content/api/4x/api/application/index.mdx index a4f87d0419..5a485efe1c 100644 --- a/src/content/api/4x/api/application/index.mdx +++ b/src/content/api/4x/api/application/index.mdx @@ -848,10 +848,10 @@ Sub-apps will not inherit the value of `view cache` in production (when `NODE_EN | `json escape` | Boolean | Enable escaping JSON responses from the `res.json`, `res.jsonp`, and `res.send` APIs. This will escape the characters `<`, `>`, and `&` as Unicode escape sequences in JSON. The purpose of this is to assist with [mitigating certain types of persistent XSS attacks](https://blog.mozilla.org/security/2017/07/18/web-service-audits-firefox-accounts/) when clients sniff responses for HTML. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | | `json replacer` | Varied | The ['replacer' argument used by `JSON.stringify`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#the_replacer_parameter). **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | | `json spaces` | Varied | The ['space' argument used by `JSON.stringify`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#the_space_parameter). This is typically set to the number of spaces to use to indent prettified JSON. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | -| `query parser` | Varied | Disable query parsing by setting the value to `false`, or set the query parser to use either "simple" or "extended" or a custom query string parsing function. The simple query parser is based on Node's native query parser, [querystring](https://nodejs.org/api/querystring.html). The extended query parser is based on [qs](https://www.npmjs.org/package/qs). A custom query string parsing function will receive the complete query string, and must return an object of query keys and their values. | "extended" | +| `query parser` | Varied | Disable query parsing by setting the value to `false`, or set the query parser to use either "simple" or "extended" or a custom query string parsing function. The simple query parser is based on Node's native query parser, [querystring](https://nodejs.org/api/querystring.html). The extended query parser is based on [qs](https://www.npmjs.com/package/qs). A custom query string parsing function will receive the complete query string, and must return an object of query keys and their values. | "extended" | | `strict routing` | Boolean | Enable strict routing. When enabled, the router treats "/foo" and "/foo/" as different. Otherwise, the router treats "/foo" and "/foo/" as the same. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | | `subdomain offset` | Number | The number of dot-separated parts of the host to remove to access subdomain. | 2 | -| `trust proxy` | Varied | Indicates the app is behind a front-facing proxy, and to use the `X-Forwarded-*` headers to determine the connection and the IP address of the client. NOTE: `X-Forwarded-*` headers are easily spoofed and the detected IP addresses are unreliable. When enabled, Express attempts to determine the IP address of the client connected through the front-facing proxy, or series of proxies. The `req.ips` property, then contains an array of IP addresses the client is connected through. To enable it, use the values described in the trust proxy options table below. The `trust proxy` setting is implemented using the [proxy-addr](https://www.npmjs.org/package/proxy-addr) package. For more information, see its documentation. **NOTE**: Sub-apps _will_ inherit the value of this setting, even though it has a default value. | `false` (disabled) | +| `trust proxy` | Varied | Indicates the app is behind a front-facing proxy, and to use the `X-Forwarded-*` headers to determine the connection and the IP address of the client. NOTE: `X-Forwarded-*` headers are easily spoofed and the detected IP addresses are unreliable. When enabled, Express attempts to determine the IP address of the client connected through the front-facing proxy, or series of proxies. The `req.ips` property, then contains an array of IP addresses the client is connected through. To enable it, use the values described in the trust proxy options table below. The `trust proxy` setting is implemented using the [proxy-addr](https://www.npmjs.com/package/proxy-addr) package. For more information, see its documentation. **NOTE**: Sub-apps _will_ inherit the value of this setting, even though it has a default value. | `false` (disabled) | | `views` | String or Array | A directory or an array of directories for the application's views. If an array, the views are looked up in the order they occur in the array. | `process.cwd() + '/views'` | | `view cache` | Boolean | Enables view template compilation caching. **NOTE**: Sub-apps will not inherit the value of this setting in production (when `NODE_ENV` is "production"). | `true` in production, otherwise undefined. | | `view engine` | String | The default engine extension to use when omitted. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | @@ -913,7 +913,7 @@ app.set('trust proxy', function (ip) { **NOTE**: These settings apply only to dynamic files, not static files. The `express.static` middleware ignores these settings. -The ETag functionality is implemented using the [etag](https://www.npmjs.org/package/etag) package. For more information, see its documentation. +The ETag functionality is implemented using the [etag](https://www.npmjs.com/package/etag) package. For more information, see its documentation. | Type | Value | | -------- | ---------------------------------------------------------------------------------------- | diff --git a/src/content/api/4x/api/express/index.mdx b/src/content/api/4x/api/express/index.mdx index 9f7639b9ff..b4c1c9abda 100644 --- a/src/content/api/4x/api/express/index.mdx +++ b/src/content/api/4x/api/express/index.mdx @@ -51,7 +51,7 @@ The following table describes the properties of the optional `options` object. | `limit` | Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the [bytes](https://www.npmjs.com/package/bytes) library for parsing. | Mixed | `"100kb"` | | `reviver` | The `reviver` option is passed directly to `JSON.parse` as the second argument. You can find more information on this argument [in the MDN documentation about JSON.parse](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse#the_reviver_parameter). | Function | `null` | | `strict` | Enables or disables only accepting arrays and objects; when disabled will accept anything `JSON.parse` accepts. | Boolean | `true` | -| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.org/package/type-is#readme) library and this can be an extension name (like `json`), a mime type (like `application/json`), or a mime type with a wildcard (like `*/*` or `*/json`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/json"` | +| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.com/package/type-is#readme) library and this can be an extension name (like `json`), a mime type (like `application/json`), or a mime type with a wildcard (like `*/*` or `*/json`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/json"` | | `verify` | This option, if supplied, is called as `verify(req, res, buf, encoding)`, where `buf` is a `Buffer` of the raw request body and `encoding` is the encoding of the request. The parsing can be aborted by throwing an error. | Function | `undefined` | @@ -91,7 +91,7 @@ The following table describes the properties of the optional `options` object. | --------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ---------------------------- | | `inflate` | Enables or disables handling deflated (compressed) bodies; when disabled, deflated bodies are rejected. | Boolean | `true` | | `limit` | Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the [bytes](https://www.npmjs.com/package/bytes) library for parsing. | Mixed | `"100kb"` | -| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.org/package/type-is#readme) library and this can be an extension name (like `bin`), a mime type (like `application/octet-stream`), or a mime type with a wildcard (like `*/*` or `application/*`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/octet-stream"` | +| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.com/package/type-is#readme) library and this can be an extension name (like `bin`), a mime type (like `application/octet-stream`), or a mime type with a wildcard (like `*/*` or `application/*`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/octet-stream"` | | `verify` | This option, if supplied, is called as `verify(req, res, buf, encoding)`, where `buf` is a `Buffer` of the raw request body and `encoding` is the encoding of the request. The parsing can be aborted by throwing an error. | Function | `undefined` | @@ -153,7 +153,7 @@ See also the [example below](#example-of-expressstatic). | `immutable` | Enable or disable the `immutable` directive in the `Cache-Control` response header. If enabled, the `maxAge` option should also be specified to enable caching. The `immutable` directive will prevent supported clients from making conditional requests during the life of the `maxAge` option to check if the file has changed. | Boolean | `false` | | `index` | Sends the specified directory index file. Set to `false` to disable directory indexing. | Mixed | "index.html" | | `lastModified` | Set the `Last-Modified` header to the last modified date of the file on the OS. | Boolean | `true` | -| `maxAge` | Set the max-age property of the Cache-Control header in milliseconds or a string in [ms format](https://www.npmjs.org/package/ms). | Number | 0 | +| `maxAge` | Set the max-age property of the Cache-Control header in milliseconds or a string in [ms format](https://www.npmjs.com/package/ms). | Number | 0 | | `redirect` | Redirect to trailing "/" when the pathname is a directory. | Boolean | `true` | | `setHeaders` | Function for setting HTTP headers to serve with the file.

See [setHeaders](#setheaders) below. | Function | | | `acceptRanges` | Enable or disable accepting ranged requests. Disabling this will not send the `Accept-Ranges` header and will ignore the contents of the Range request header. | Boolean | true | @@ -258,7 +258,7 @@ The following table describes the properties of the optional `options` object. | `defaultCharset` | Specify the default character set for the text content if the charset is not specified in the `Content-Type` header of the request. | String | `"utf-8"` | | `inflate` | Enables or disables handling deflated (compressed) bodies; when disabled, deflated bodies are rejected. | Boolean | `true` | | `limit` | Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the [bytes](https://www.npmjs.com/package/bytes) library for parsing. | Mixed | `"100kb"` | -| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.org/package/type-is#readme) library and this can be an extension name (like `txt`), a mime type (like `text/plain`), or a mime type with a wildcard (like `*/*` or `text/*`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"text/plain"` | +| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.com/package/type-is#readme) library and this can be an extension name (like `txt`), a mime type (like `text/plain`), or a mime type with a wildcard (like `*/*` or `text/*`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"text/plain"` | | `verify` | This option, if supplied, is called as `verify(req, res, buf, encoding)`, where `buf` is a `Buffer` of the raw request body and `encoding` is the encoding of the request. The parsing can be aborted by throwing an error. | Function | `undefined` | @@ -297,11 +297,11 @@ The following table describes the properties of the optional `options` object. | Property | Description | Type | Default | | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------------------------------------- | -| `extended` | This option allows to choose between parsing the URL-encoded data with the `querystring` library (when `false`) or the `qs` library (when `true`). The "extended" syntax allows for rich objects and arrays to be encoded into the URL-encoded format, allowing for a JSON-like experience with URL-encoded. For more information, please [see the qs library](https://www.npmjs.org/package/qs#readme). | Boolean | `true` | +| `extended` | This option allows to choose between parsing the URL-encoded data with the `querystring` library (when `false`) or the `qs` library (when `true`). The "extended" syntax allows for rich objects and arrays to be encoded into the URL-encoded format, allowing for a JSON-like experience with URL-encoded. For more information, please [see the qs library](https://www.npmjs.com/package/qs#readme). | Boolean | `true` | | `inflate` | Enables or disables handling deflated (compressed) bodies; when disabled, deflated bodies are rejected. | Boolean | `true` | | `limit` | Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the [bytes](https://www.npmjs.com/package/bytes) library for parsing. | Mixed | `"100kb"` | | `parameterLimit` | This option controls the maximum number of parameters that are allowed in the URL-encoded data. If a request contains more parameters than this value, an error will be raised. | Number | `1000` | -| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.org/package/type-is#readme) library and this can be an extension name (like `urlencoded`), a mime type (like `application/x-www-form-urlencoded`), or a mime type with a wildcard (like `*/x-www-form-urlencoded`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/x-www-form-urlencoded"` | +| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.com/package/type-is#readme) library and this can be an extension name (like `urlencoded`), a mime type (like `application/x-www-form-urlencoded`), or a mime type with a wildcard (like `*/x-www-form-urlencoded`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/x-www-form-urlencoded"` | | `verify` | This option, if supplied, is called as `verify(req, res, buf, encoding)`, where `buf` is a `Buffer` of the raw request body and `encoding` is the encoding of the request. The parsing can be aborted by throwing an error. | Function | `undefined` | | `depth` | Configure the maximum depth of the `qs` library when `extended` is `true`. This allows you to limit the amount of keys that are parsed and can be useful to prevent certain types of abuse. Defaults to `32`. It is recommended to keep this value as low as possible. | Number | `32` | diff --git a/src/content/api/4x/api/request/index.mdx b/src/content/api/4x/api/request/index.mdx index 30b402fb14..d396458052 100644 --- a/src/content/api/4x/api/request/index.mdx +++ b/src/content/api/4x/api/request/index.mdx @@ -314,7 +314,7 @@ may not be a function and instead a string or other user-input. -The value of this property can be configured with the [query parser application setting](../application/#application-settings) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.org/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: +The value of this property can be configured with the [query parser application setting](../application/#application-settings) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.com/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: ```js var qs = require('qs'); diff --git a/src/content/api/4x/api/response/index.mdx b/src/content/api/4x/api/response/index.mdx index 987cf46721..568aee7811 100644 --- a/src/content/api/4x/api/response/index.mdx +++ b/src/content/api/4x/api/response/index.mdx @@ -265,7 +265,7 @@ The following table provides details on the `options` parameter. | Property | Description | Default | Availability | | -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------------ | -| `maxAge` | Sets the max-age property of the `Cache-Control` header in milliseconds or a string in [ms format](https://www.npmjs.org/package/ms) | 0 | 4.16+ | +| `maxAge` | Sets the max-age property of the `Cache-Control` header in milliseconds or a string in [ms format](https://www.npmjs.com/package/ms) | 0 | 4.16+ | | `root` | Root directory for relative filenames. | | 4.18+ | | `lastModified` | Sets the `Last-Modified` header to the last modified date of the file on the OS. Set `false` to disable it. | Enabled | 4.16+ | | `headers` | Object containing HTTP headers to serve with the file. The header `Content-Disposition` will be overridden by the `filename` argument. | | 4.16+ | @@ -649,7 +649,7 @@ The following table provides details on the `options` parameter. | Property | Description | Default | Availability | | -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------------ | -| `maxAge` | Sets the max-age property of the `Cache-Control` header in milliseconds or a string in [ms format](https://www.npmjs.org/package/ms) | 0 | | +| `maxAge` | Sets the max-age property of the `Cache-Control` header in milliseconds or a string in [ms format](https://www.npmjs.com/package/ms) | 0 | | | `root` | Root directory for relative filenames. | | | | `lastModified` | Sets the `Last-Modified` header to the last modified date of the file on the OS. Set `false` to disable it. | Enabled | 4.9.0+ | | `headers` | Object containing HTTP headers to serve with the file. | | | diff --git a/src/content/api/5x/api/application/index.mdx b/src/content/api/5x/api/application/index.mdx index d370ef1565..2b6acf7e93 100644 --- a/src/content/api/5x/api/application/index.mdx +++ b/src/content/api/5x/api/application/index.mdx @@ -786,10 +786,10 @@ Sub-apps will not inherit the value of `view cache` in production (when `NODE_EN | `json escape` | Boolean | Enable escaping JSON responses from the `res.json`, `res.jsonp`, and `res.send` APIs. This will escape the characters `<`, `>`, and `&` as Unicode escape sequences in JSON. The purpose of this is to assist with [mitigating certain types of persistent XSS attacks](https://blog.mozilla.org/security/2017/07/18/web-service-audits-firefox-accounts/) when clients sniff responses for HTML. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | | `json replacer` | Varied | The ['replacer' argument used by `JSON.stringify`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#the_replacer_parameter). **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | | `json spaces` | Varied | The ['space' argument used by `JSON.stringify`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#the_space_parameter). This is typically set to the number of spaces to use to indent prettified JSON. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | -| `query parser` | Varied | Disable query parsing by setting the value to `false`, or set the query parser to use either "simple" or "extended" or a custom query string parsing function. The simple query parser is based on Node's native query parser, [querystring](https://nodejs.org/api/querystring.html). The extended query parser is based on [qs](https://www.npmjs.org/package/qs). A custom query string parsing function will receive the complete query string, and must return an object of query keys and their values. | "simple" | +| `query parser` | Varied | Disable query parsing by setting the value to `false`, or set the query parser to use either "simple" or "extended" or a custom query string parsing function. The simple query parser is based on Node's native query parser, [querystring](https://nodejs.org/api/querystring.html). The extended query parser is based on [qs](https://www.npmjs.com/package/qs). A custom query string parsing function will receive the complete query string, and must return an object of query keys and their values. | "simple" | | `strict routing` | Boolean | Enable strict routing. When enabled, the router treats "/foo" and "/foo/" as different. Otherwise, the router treats "/foo" and "/foo/" as the same. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | | `subdomain offset` | Number | The number of dot-separated parts of the host to remove to access subdomain. | 2 | -| `trust proxy` | Varied | Indicates the app is behind a front-facing proxy, and to use the `X-Forwarded-*` headers to determine the connection and the IP address of the client. NOTE: `X-Forwarded-*` headers are easily spoofed and the detected IP addresses are unreliable. When enabled, Express attempts to determine the IP address of the client connected through the front-facing proxy, or series of proxies. The `req.ips` property, then contains an array of IP addresses the client is connected through. To enable it, use the values described in the trust proxy options table below. The `trust proxy` setting is implemented using the [proxy-addr](https://www.npmjs.org/package/proxy-addr) package. For more information, see its documentation. **NOTE**: Sub-apps _will_ inherit the value of this setting, even though it has a default value. | `false` (disabled) | +| `trust proxy` | Varied | Indicates the app is behind a front-facing proxy, and to use the `X-Forwarded-*` headers to determine the connection and the IP address of the client. NOTE: `X-Forwarded-*` headers are easily spoofed and the detected IP addresses are unreliable. When enabled, Express attempts to determine the IP address of the client connected through the front-facing proxy, or series of proxies. The `req.ips` property, then contains an array of IP addresses the client is connected through. To enable it, use the values described in the trust proxy options table below. The `trust proxy` setting is implemented using the [proxy-addr](https://www.npmjs.com/package/proxy-addr) package. For more information, see its documentation. **NOTE**: Sub-apps _will_ inherit the value of this setting, even though it has a default value. | `false` (disabled) | | `views` | String or Array | A directory or an array of directories for the application's views. If an array, the views are looked up in the order they occur in the array. | `process.cwd() + '/views'` | | `view cache` | Boolean | Enables view template compilation caching. **NOTE**: Sub-apps will not inherit the value of this setting in production (when `NODE_ENV` is "production"). | `true` in production, otherwise undefined. | | `view engine` | String | The default engine extension to use when omitted. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | @@ -851,7 +851,7 @@ app.set('trust proxy', (ip) => { **NOTE**: These settings apply only to dynamic files, not static files. The `express.static` middleware ignores these settings. -The ETag functionality is implemented using the [etag](https://www.npmjs.org/package/etag) package. For more information, see its documentation. +The ETag functionality is implemented using the [etag](https://www.npmjs.com/package/etag) package. For more information, see its documentation. | Type | Value | | -------- | ---------------------------------------------------------------------------------------- | diff --git a/src/content/api/5x/api/express/index.mdx b/src/content/api/5x/api/express/index.mdx index 0ea7c9a324..241d5011e3 100644 --- a/src/content/api/5x/api/express/index.mdx +++ b/src/content/api/5x/api/express/index.mdx @@ -51,7 +51,7 @@ The following table describes the properties of the optional `options` object. | `limit` | Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the [bytes](https://www.npmjs.com/package/bytes) library for parsing. | Mixed | `"100kb"` | | `reviver` | The `reviver` option is passed directly to `JSON.parse` as the second argument. You can find more information on this argument [in the MDN documentation about JSON.parse](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse#the_reviver_parameter). | Function | `null` | | `strict` | Enables or disables only accepting arrays and objects; when disabled will accept anything `JSON.parse` accepts. | Boolean | `true` | -| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.org/package/type-is#readme) library and this can be an extension name (like `json`), a mime type (like `application/json`), or a mime type with a wildcard (like `*/*` or `*/json`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/json"` | +| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.com/package/type-is#readme) library and this can be an extension name (like `json`), a mime type (like `application/json`), or a mime type with a wildcard (like `*/*` or `*/json`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/json"` | | `verify` | This option, if supplied, is called as `verify(req, res, buf, encoding)`, where `buf` is a `Buffer` of the raw request body and `encoding` is the encoding of the request. The parsing can be aborted by throwing an error. | Function | `undefined` | @@ -89,7 +89,7 @@ The following table describes the properties of the optional `options` object. | --------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ---------------------------- | | `inflate` | Enables or disables handling deflated (compressed) bodies; when disabled, deflated bodies are rejected. | Boolean | `true` | | `limit` | Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the [bytes](https://www.npmjs.com/package/bytes) library for parsing. | Mixed | `"100kb"` | -| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.org/package/type-is#readme) library and this can be an extension name (like `bin`), a mime type (like `application/octet-stream`), or a mime type with a wildcard (like `*/*` or `application/*`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/octet-stream"` | +| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.com/package/type-is#readme) library and this can be an extension name (like `bin`), a mime type (like `application/octet-stream`), or a mime type with a wildcard (like `*/*` or `application/*`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/octet-stream"` | | `verify` | This option, if supplied, is called as `verify(req, res, buf, encoding)`, where `buf` is a `Buffer` of the raw request body and `encoding` is the encoding of the request. The parsing can be aborted by throwing an error. | Function | `undefined` | @@ -151,7 +151,7 @@ See also the [example below](#example-of-expressstatic). | `immutable` | Enable or disable the `immutable` directive in the `Cache-Control` response header. If enabled, the `maxAge` option should also be specified to enable caching. The `immutable` directive will prevent supported clients from making conditional requests during the life of the `maxAge` option to check if the file has changed. | Boolean | `false` | | `index` | Sends the specified directory index file. Set to `false` to disable directory indexing. | Mixed | "index.html" | | `lastModified` | Set the `Last-Modified` header to the last modified date of the file on the OS. | Boolean | `true` | -| `maxAge` | Set the max-age property of the Cache-Control header in milliseconds or a string in [ms format](https://www.npmjs.org/package/ms). | Number | 0 | +| `maxAge` | Set the max-age property of the Cache-Control header in milliseconds or a string in [ms format](https://www.npmjs.com/package/ms). | Number | 0 | | `redirect` | Redirect to trailing "/" when the pathname is a directory. | Boolean | `true` | | `setHeaders` | Function for setting HTTP headers to serve with the file.

See [setHeaders](#setheaders) below. | Function | | | `acceptRanges` | Enable or disable accepting ranged requests. Disabling this will not send the Accept-Ranges header and will ignore the contents of the Range request header. | Boolean | true | @@ -253,7 +253,7 @@ The following table describes the properties of the optional `options` object. | `defaultCharset` | Specify the default character set for the text content if the charset is not specified in the `Content-Type` header of the request. | String | `"utf-8"` | | `inflate` | Enables or disables handling deflated (compressed) bodies; when disabled, deflated bodies are rejected. | Boolean | `true` | | `limit` | Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the [bytes](https://www.npmjs.com/package/bytes) library for parsing. | Mixed | `"100kb"` | -| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.org/package/type-is#readme) library and this can be an extension name (like `txt`), a mime type (like `text/plain`), or a mime type with a wildcard (like `*/*` or `text/*`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"text/plain"` | +| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.com/package/type-is#readme) library and this can be an extension name (like `txt`), a mime type (like `text/plain`), or a mime type with a wildcard (like `*/*` or `text/*`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"text/plain"` | | `verify` | This option, if supplied, is called as `verify(req, res, buf, encoding)`, where `buf` is a `Buffer` of the raw request body and `encoding` is the encoding of the request. The parsing can be aborted by throwing an error. | Function | `undefined` | @@ -290,11 +290,11 @@ The following table describes the properties of the optional `options` object. | Property | Description | Type | Default | | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------------------------------------- | -| `extended` | This option allows to choose between parsing the URL-encoded data with the `querystring` library (when `false`) or the `qs` library (when `true`). The "extended" syntax allows for rich objects and arrays to be encoded into the URL-encoded format, allowing for a JSON-like experience with URL-encoded. For more information, please [see the qs library](https://www.npmjs.org/package/qs#readme). | Boolean | `false` | +| `extended` | This option allows to choose between parsing the URL-encoded data with the `querystring` library (when `false`) or the `qs` library (when `true`). The "extended" syntax allows for rich objects and arrays to be encoded into the URL-encoded format, allowing for a JSON-like experience with URL-encoded. For more information, please [see the qs library](https://www.npmjs.com/package/qs#readme). | Boolean | `false` | | `inflate` | Enables or disables handling deflated (compressed) bodies; when disabled, deflated bodies are rejected. | Boolean | `true` | | `limit` | Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the [bytes](https://www.npmjs.com/package/bytes) library for parsing. | Mixed | `"100kb"` | | `parameterLimit` | This option controls the maximum number of parameters that are allowed in the URL-encoded data. If a request contains more parameters than this value, an error will be raised. | Number | `1000` | -| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.org/package/type-is#readme) library and this can be an extension name (like `urlencoded`), a mime type (like `application/x-www-form-urlencoded`), or a mime type with a wildcard (like `*/x-www-form-urlencoded`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/x-www-form-urlencoded"` | +| `type` | This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, `type` option is passed directly to the [type-is](https://www.npmjs.com/package/type-is#readme) library and this can be an extension name (like `urlencoded`), a mime type (like `application/x-www-form-urlencoded`), or a mime type with a wildcard (like `*/x-www-form-urlencoded`). If a function, the `type` option is called as `fn(req)` and the request is parsed if it returns a truthy value. | Mixed | `"application/x-www-form-urlencoded"` | | `verify` | This option, if supplied, is called as `verify(req, res, buf, encoding)`, where `buf` is a `Buffer` of the raw request body and `encoding` is the encoding of the request. The parsing can be aborted by throwing an error. | Function | `undefined` | | `depth` | Configure the maximum depth of the `qs` library when `extended` is `true`. This allows you to limit the amount of keys that are parsed and can be useful to prevent certain types of abuse. Defaults to `32`. It is recommended to keep this value as low as possible. | Number | `32` | diff --git a/src/content/api/5x/api/request/index.mdx b/src/content/api/5x/api/request/index.mdx index db471e20cd..7693892acb 100644 --- a/src/content/api/5x/api/request/index.mdx +++ b/src/content/api/5x/api/request/index.mdx @@ -335,7 +335,7 @@ may not be a function and instead a string or other user-input. -The value of this property can be configured with the [query parser application setting](../application/#application-settings) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.org/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: +The value of this property can be configured with the [query parser application setting](../application/#application-settings) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.com/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: ```js const qs = require('qs'); diff --git a/src/content/api/5x/api/response/index.mdx b/src/content/api/5x/api/response/index.mdx index efc22659e0..8ec0564351 100644 --- a/src/content/api/5x/api/response/index.mdx +++ b/src/content/api/5x/api/response/index.mdx @@ -255,7 +255,7 @@ The following table provides details on the `options` parameter. | Property | Description | Default | Availability | | -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------------ | -| `maxAge` | Sets the max-age property of the `Cache-Control` header in milliseconds or a string in [ms format](https://www.npmjs.org/package/ms) | 0 | 4.16+ | +| `maxAge` | Sets the max-age property of the `Cache-Control` header in milliseconds or a string in [ms format](https://www.npmjs.com/package/ms) | 0 | 4.16+ | | `root` | Root directory for relative filenames. | | 4.18+ | | `lastModified` | Sets the `Last-Modified` header to the last modified date of the file on the OS. Set `false` to disable it. | Enabled | 4.16+ | | `headers` | Object containing HTTP headers to serve with the file. The header `Content-Disposition` will be overridden by the `filename` argument. | | 4.16+ | @@ -612,7 +612,7 @@ The following table provides details on the `options` parameter. | Property | Description | Default | Availability | | -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------------ | -| `maxAge` | Sets the max-age property of the `Cache-Control` header in milliseconds or a string in [ms format](https://www.npmjs.org/package/ms) | 0 | | +| `maxAge` | Sets the max-age property of the `Cache-Control` header in milliseconds or a string in [ms format](https://www.npmjs.com/package/ms) | 0 | | | `root` | Root directory for relative filenames. | | | | `lastModified` | Sets the `Last-Modified` header to the last modified date of the file on the OS. Set `false` to disable it. | Enabled | 4.9.0+ | | `headers` | Object containing HTTP headers to serve with the file. | | | From 46bd047557f32ddc102f81652d4b5e9d4b956eb5 Mon Sep 17 00:00:00 2001 From: krzysdz Date: Mon, 25 May 2026 18:03:41 +0200 Subject: [PATCH 08/16] revert change to autogenerated section --- src/content/pages/en/resources/contributing.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/pages/en/resources/contributing.mdx b/src/content/pages/en/resources/contributing.mdx index 1b8e952bea..e3b292a74a 100644 --- a/src/content/pages/en/resources/contributing.mdx +++ b/src/content/pages/en/resources/contributing.mdx @@ -332,7 +332,7 @@ This allows us to collaborate on a fix while maintaining the confidentiality of the report. To report a vulnerability -([docs](https://docs.github.com/en/code-security/how-tos/report-and-fix-vulnerabilities/privately-reporting-a-security-vulnerability)): +([docs](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability)): 1. Visit the **Security** tab of the affected repository on GitHub. 2. Click **Report a vulnerability** and follow the provided steps. From 744e7b487d160b52d2e4709681204129adc430e2 Mon Sep 17 00:00:00 2001 From: krzysdz Date: Thu, 28 May 2026 16:07:57 +0200 Subject: [PATCH 09/16] Make links relative to root This means that other translations will require replacing `/en/` with the appropriate language code and when a new version is released, links in copied documentation will have to be updated. Unfortunately, this is required for unversioned pages that load the latest API/guides to work, unless I can figure out how to use templates in `*.mdx` and pass values when rendering them from `*.astro` --- src/content/api/3x/api/request/index.mdx | 4 +- src/content/api/3x/api/response/index.mdx | 8 +- src/content/api/4x/api/application/index.mdx | 88 +++++++++--------- src/content/api/4x/api/express/index.mdx | 22 ++--- src/content/api/4x/api/request/index.mdx | 30 +++---- src/content/api/4x/api/response/index.mdx | 18 ++-- src/content/api/4x/api/router/index.mdx | 8 +- src/content/api/5x/api/application/index.mdx | 90 +++++++++---------- src/content/api/5x/api/express/index.mdx | 22 ++--- src/content/api/5x/api/request/index.mdx | 32 +++---- src/content/api/5x/api/response/index.mdx | 16 ++-- src/content/api/5x/api/router/index.mdx | 8 +- .../docs/en/4x/guide/behind-proxies.mdx | 11 +-- src/content/docs/en/4x/guide/debugging.mdx | 2 +- .../docs/en/4x/guide/error-handling.mdx | 2 +- .../en/4x/guide/overriding-express-api.md | 2 +- src/content/docs/en/4x/guide/routing.mdx | 36 ++++---- .../docs/en/4x/guide/using-middleware.mdx | 14 +-- .../en/4x/guide/using-template-engines.mdx | 4 +- .../docs/en/4x/guide/writing-middleware.mdx | 10 +-- .../docs/en/4x/starter/basic-routing.mdx | 4 +- src/content/docs/en/4x/starter/faq.md | 8 +- .../docs/en/4x/starter/hello-world.mdx | 4 +- .../docs/en/4x/starter/static-files.mdx | 8 +- .../docs/en/5x/guide/behind-proxies.mdx | 11 +-- src/content/docs/en/5x/guide/debugging.mdx | 2 +- .../docs/en/5x/guide/error-handling.mdx | 2 +- .../en/5x/guide/overriding-express-api.md | 2 +- src/content/docs/en/5x/guide/routing.mdx | 38 ++++---- .../docs/en/5x/guide/using-middleware.mdx | 14 +-- .../en/5x/guide/using-template-engines.mdx | 4 +- .../docs/en/5x/guide/writing-middleware.mdx | 6 +- .../docs/en/5x/starter/basic-routing.mdx | 4 +- src/content/docs/en/5x/starter/faq.md | 8 +- .../docs/en/5x/starter/hello-world.mdx | 4 +- .../docs/en/5x/starter/static-files.mdx | 8 +- .../en/advanced/best-practice-security.mdx | 4 +- .../pages/en/advanced/security-updates.mdx | 2 +- src/content/pages/en/guide/migrating-4.mdx | 2 +- src/content/pages/en/guide/migrating-5.mdx | 4 +- src/content/pages/en/resources/community.mdx | 4 +- .../pages/en/resources/contributing.mdx | 2 +- src/content/pages/en/resources/glossary.mdx | 4 +- src/content/pages/en/support.md | 16 ++-- 44 files changed, 297 insertions(+), 295 deletions(-) diff --git a/src/content/api/3x/api/request/index.mdx b/src/content/api/3x/api/request/index.mdx index 25b7473dfa..fe644714f7 100644 --- a/src/content/api/3x/api/request/index.mdx +++ b/src/content/api/3x/api/request/index.mdx @@ -164,7 +164,7 @@ where "proxy2" is the furthest down-stream. This property is much like `req.url`, however it retains the original request url, allowing you to rewrite `req.url` freely for internal routing purposes. For example the "mounting" feature -of [app.use()](../application/#appusepath-function) will rewrite `req.url` to +of [app.use()](/en/3x/api/application/#appusepath-function) will rewrite `req.url` to strip the mount point. ```js @@ -243,7 +243,7 @@ console.dir(req.query.shoe.type); ### req.res -This property holds a reference to the [response object](../response/) +This property holds a reference to the [response object](/en/3x/api/response/) that relates to this request object. ### req.route diff --git a/src/content/api/3x/api/response/index.mdx b/src/content/api/3x/api/response/index.mdx index 9e18ed6744..4e1158e0c7 100644 --- a/src/content/api/3x/api/response/index.mdx +++ b/src/content/api/3x/api/response/index.mdx @@ -24,7 +24,7 @@ res.send('

some html

'); Response local variables are scoped to the request, thus only available to the view(s) rendered during that request / response -cycle, if any. Otherwise this API is identical to [app.locals](../application/#applocals). +cycle, if any. Otherwise this API is identical to [app.locals](/en/3x/api/application/#applocals). This object is useful for exposing request-level information such as the request pathname, authenticated user, user settings etcetera. @@ -39,7 +39,7 @@ app.use(function (req, res, next) { ### res.req -This property holds a reference to the [request object](../request/) +This property holds a reference to the [request object](/en/3x/api/request/) that relates to this response object. ## Methods @@ -106,7 +106,7 @@ to sign the value. res.cookie('name', 'tobi', { signed: true }); ``` -Later you may access this value through the [req.signedCookie](../request/#reqsignedcookies) +Later you may access this value through the [req.signedCookie](/en/3x/api/request/#reqsignedcookies) object. ### res.download(path, [filename], [fn]) @@ -230,7 +230,7 @@ res.jsonp(500, { error: 'message' }); ``` By default the JSONP callback name is simply `callback`, -however you may alter this with the [jsonp callback name](../application/#settings) +however you may alter this with the [jsonp callback name](/en/3x/api/application/#settings) setting. The following are some examples of JSONP responses using the same code: diff --git a/src/content/api/4x/api/application/index.mdx b/src/content/api/4x/api/application/index.mdx index 5a485efe1c..c3ee6103ce 100644 --- a/src/content/api/4x/api/application/index.mdx +++ b/src/content/api/4x/api/application/index.mdx @@ -31,7 +31,7 @@ for more information, see [Application Settings](#application-settings). -The Express application object can be referred from the [request object](../request/) and the [response object](../response/) as `req.app`, and `res.app`, respectively. +The Express application object can be referred from the [request object](/en/4x/api/request/) and the [response object](/en/4x/api/response/) as `req.app`, and `res.app`, respectively. @@ -40,7 +40,7 @@ The Express application object can be referred from the [request object](../requ ### app.locals The `app.locals` object has properties that are local variables within the application, -and will be available in templates rendered with [res.render](../response/#resrenderview--locals--callback). +and will be available in templates rendered with [res.render](/en/4x/api/response/#resrenderview--locals--callback). @@ -60,12 +60,12 @@ console.dir(app.locals.email); ``` Once set, the value of `app.locals` properties persist throughout the life of the application, -in contrast with [res.locals](../response/#reslocals) properties that +in contrast with [res.locals](/en/4x/api/response/#reslocals) properties that are valid only for the lifetime of the request. You can access local variables in templates rendered within the application. This is useful for providing helper functions to templates, as well as application-level data. -Local variables are available in middleware via `req.app.locals` (see [req.app](../request/#reqapp)) +Local variables are available in middleware via `req.app.locals` (see [req.app](/en/4x/api/request/#reqapp)) ```js app.locals.title = 'My App'; @@ -97,7 +97,7 @@ admin.get('/', function (req, res) { app.use('/admin', admin); // mount the sub app ``` -It is similar to the [baseUrl](../request/#reqbaseurl) property of the `req` object, except `req.baseUrl` +It is similar to the [baseUrl](/en/4x/api/request/#reqbaseurl) property of the `req` object, except `req.baseUrl` returns the matched URL path, instead of the matched patterns. If a sub-app is mounted on multiple path patterns, `app.mountpath` returns the list of @@ -163,10 +163,10 @@ except it matches all HTTP verbs. #### Arguments -| Argument | Description | Default | -| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| Argument | Description | Default | +| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](/en/4x/api/router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Examples @@ -209,14 +209,14 @@ app.all('/api/*', requireAuthentication); ### app.delete(path, callback [, callback ...]) Routes HTTP DELETE requests to the specified path with the specified callback functions. -For more information, see the [routing guide](../../guide/routing/). +For more information, see the [routing guide](/en/4x/guide/routing/). #### Arguments -| Argument | Description | Default | -| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| Argument | Description | Default | +| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](/en/4x/api/router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Example @@ -335,12 +335,12 @@ Routes HTTP GET requests to the specified path with the specified callback funct #### Arguments -| Argument | Description | Default | -| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| Argument | Description | Default | +| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](/en/4x/api/router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | -For more information, see the [routing guide](../../guide/routing/). +For more information, see the [routing guide](/en/4x/guide/routing/). #### Example @@ -414,10 +414,10 @@ PUT, POST, and so on, in lowercase. Thus, the actual methods are `app.get()`, #### Arguments -| Argument | Description | Default | -| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| Argument | Description | Default | +| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](/en/4x/api/router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Routing methods @@ -518,11 +518,11 @@ The method, `app.all()`, is not derived from any HTTP method and loads middlewar the specified path for _all_ HTTP request methods. For more information, see [app.all](#appallpath-callback--callback-). -For more information on routing, see the [routing guide](../../guide/routing/). +For more information on routing, see the [routing guide](/en/4x/guide/routing/). ### app.param([name], callback) -Add callback triggers to [route parameters](../../guide/routing/#route-parameters), where `name` is the name of the parameter or an array of them, and `callback` is the callback function. The parameters of the callback function are the request object, the response object, the next middleware, the value of the parameter and the name of the parameter, in that order. +Add callback triggers to [route parameters](/en/4x/guide/routing/#route-parameters), where `name` is the name of the parameter or an array of them, and `callback` is the callback function. The parameters of the callback function are the request object, the response object, the next middleware, the value of the parameter and the name of the parameter, in that order. If `name` is an array, the `callback` trigger is registered for each parameter declared in it, in the order in which they are declared. Furthermore, for each declared parameter except the last one, a call to `next` inside the callback will call the callback for the next declared parameter. For the last parameter, a call to `next` will call the next middleware in place for the route currently being processed, just like it would if `name` were just a string. @@ -701,19 +701,19 @@ console.dir(blogAdmin.path()); // '/blog/admin' ``` The behavior of this method can become very complicated in complex cases of mounted apps: -it is usually better to use [req.baseUrl](../request/#reqbaseurl) to get the canonical path of the app. +it is usually better to use [req.baseUrl](/en/4x/api/request/#reqbaseurl) to get the canonical path of the app. ### app.post(path, callback [, callback ...]) Routes HTTP POST requests to the specified path with the specified callback functions. -For more information, see the [routing guide](../../guide/routing). +For more information, see the [routing guide](/en/4x/guide/routing). #### Arguments -| Argument | Description | Default | -| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| Argument | Description | Default | +| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](/en/4x/api/router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Example @@ -729,10 +729,10 @@ Routes HTTP PUT requests to the specified path with the specified callback funct #### Arguments -| Argument | Description | Default | -| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| Argument | Description | Default | +| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](/en/4x/api/router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Example @@ -745,7 +745,7 @@ app.put('/', function (req, res) { ### app.render(view, [locals], callback) Returns the rendered HTML of a view via the `callback` function. It accepts an optional parameter -that is an object containing local variables for the view. It is like [res.render()](../response/#resrenderview--locals--callback), +that is an object containing local variables for the view. It is like [res.render()](/en/4x/api/response/#resrenderview--locals--callback), except it cannot send the rendered view to the client on its own. @@ -859,7 +859,7 @@ Sub-apps will not inherit the value of `view cache` in production (when `NODE_EN #### Options for `trust proxy` setting -Read [Express behind proxies](../../guide/behind-proxies) for more information. +Read [Express behind proxies](/en/4x/guide/behind-proxies) for more information. **Boolean**: If `true`, the client's IP address is understood as the left-most entry in the `X-Forwarded-*` header. If `false`, the app is understood as directly facing the Internet and the client's IP address is derived from `req.connection.remoteAddress`. This is the default setting. @@ -929,16 +929,16 @@ app.set('etag', function (body, encoding) { ### app.use([path,] callback [, callback...]) -Mounts the specified [middleware](../../guide/using-middleware) function or functions +Mounts the specified [middleware](/en/4x/guide/using-middleware) function or functions at the specified path: the middleware function is executed when the base of the requested path matches `path`. #### Arguments -| Argument | Description | Default | -| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](../router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | +| Argument | Description | Default | +| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked; can be any of: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array of combinations of any of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | Callback functions; can be: a middleware function, a series of middleware functions (separated by commas), an array of middleware functions, or a combination of all of the above. You can provide multiple callback functions that behave just like middleware, except that these callbacks can invoke `next('route')` to bypass the remaining route callback(s). You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there is no reason to proceed with the current route. Since [router](/en/4x/api/router/) and [app](#overview) implement the middleware interface, you can use them as you would any other middleware function. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | None | #### Description @@ -984,7 +984,7 @@ app.get('/', function (req, res) { **Error-handling middleware** -Error-handling middleware always takes _four_ arguments. You must provide four arguments to identify it as an error-handling middleware function. Even if you don't need to use the `next` object, you must specify it to maintain the signature. Otherwise, the `next` object will be interpreted as regular middleware and will fail to handle errors. For details about error-handling middleware, see: [Error handling](../../guide/error-handling). +Error-handling middleware always takes _four_ arguments. You must provide four arguments to identify it as an error-handling middleware function. Even if you don't need to use the `next` object, you must specify it to maintain the signature. Otherwise, the `next` object will be interpreted as regular middleware and will fail to handle errors. For details about error-handling middleware, see: [Error handling](/en/4x/guide/error-handling). Define error-handling middleware functions in the same way as other middleware functions, except with four arguments instead of three, specifically with the signature `(err, req, res, next)`): @@ -1149,7 +1149,7 @@ subApp.get('/', function (req, res, next) { app.use(mw1, [mw2, r1, r2], subApp); ``` -Following are some examples of using the [express.static](../../guide/using-middleware/#built-in-middleware) +Following are some examples of using the [express.static](/en/4x/guide/using-middleware/#built-in-middleware) middleware in an Express app. Serve static content for the app from the "public" directory in the application directory: diff --git a/src/content/api/4x/api/express/index.mdx b/src/content/api/4x/api/express/index.mdx index b4c1c9abda..83ff930a09 100644 --- a/src/content/api/4x/api/express/index.mdx +++ b/src/content/api/4x/api/express/index.mdx @@ -20,7 +20,7 @@ var app = express(); This is a built-in middleware function in Express. It parses incoming requests with JSON payloads and is based on -[body-parser](../../../resources/middleware/body-parser). +[body-parser](/en/resources/middleware/body-parser). Returns middleware that only parses JSON and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts any @@ -62,7 +62,7 @@ The following table describes the properties of the optional `options` object. This is a built-in middleware function in Express. It parses incoming request payloads into a `Buffer` and is based on -[body-parser](../../../resources/middleware/body-parser). +[body-parser](/en/resources/middleware/body-parser). Returns middleware that parses all bodies as a `Buffer` and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts @@ -98,7 +98,7 @@ The following table describes the properties of the optional `options` object. ### express.Router([options]) -Creates a new [router](../router/) object. +Creates a new [router](/en/4x/api/router/) object. ```js var router = express.Router([options]); @@ -119,17 +119,17 @@ The optional `options` parameter specifies the behavior of the router. You can add middleware and HTTP method routes (such as `get`, `put`, `post`, and so on) to `router` just like an application. -For more information, see [Router](../router/). +For more information, see [Router](/en/4x/api/router/). ### express.static(root, [options]) This is a built-in middleware function in Express. -It serves static files and is based on [serve-static](../../../resources/middleware/serve-static). +It serves static files and is based on [serve-static](/en/resources/middleware/serve-static). For best results, [use a reverse -proxy](../../../advanced/best-practice-performance#use-a-reverse-proxy) cache to improve performance of +proxy](/en/advanced/best-practice-performance#use-a-reverse-proxy) cache to improve performance of serving static assets. @@ -161,8 +161,8 @@ See also the [example below](#example-of-expressstatic). -For more information, see [Serving static files in Express](../../starter/static-files). -and [Using middleware - Built-in middleware](../../guide/using-middleware/#built-in-middleware). +For more information, see [Serving static files in Express](/en/4x/starter/static-files). +and [Using middleware - Built-in middleware](/en/4x/guide/using-middleware/#built-in-middleware). #### dotfiles @@ -198,7 +198,7 @@ fn(res, path, stat); Arguments: -- `res`, the [response object](../response/). +- `res`, the [response object](/en/4x/api/response/). - `path`, the file path that is being sent. - `stat`, the `stat` object of the file that is being sent. @@ -228,7 +228,7 @@ app.use(express.static('public', options)); This is a built-in middleware function in Express. It parses incoming request payloads into a string and is based on -[body-parser](../../../resources/middleware/body-parser). +[body-parser](/en/resources/middleware/body-parser). Returns middleware that parses all bodies as a string and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts @@ -268,7 +268,7 @@ The following table describes the properties of the optional `options` object. This middleware is available in Express v4.16.0 onwards. This is a built-in middleware function in Express. It parses incoming requests -with urlencoded payloads and is based on [body-parser](../../../resources/middleware/body-parser). +with urlencoded payloads and is based on [body-parser](/en/resources/middleware/body-parser). Returns middleware that only parses urlencoded bodies and only looks at requests where the `Content-Type` header matches the `type` option. This diff --git a/src/content/api/4x/api/request/index.mdx b/src/content/api/4x/api/request/index.mdx index d396458052..dedf1502a9 100644 --- a/src/content/api/4x/api/request/index.mdx +++ b/src/content/api/4x/api/request/index.mdx @@ -67,7 +67,7 @@ module.exports = function (req, res) { The URL path on which a router instance was mounted. -The `req.baseUrl` property is similar to the [mountpath](../application/#appmountpath) property of the `app` object, +The `req.baseUrl` property is similar to the [mountpath](/en/4x/api/application/#appmountpath) property of the `app` object, except `app.mountpath` returns the matched path pattern(s). For example: @@ -98,7 +98,7 @@ made to `/hello/jp`, `req.baseUrl` is "/hello". Contains key-value pairs of data submitted in the request body. By default, it is `undefined`, and is populated when you use body-parsing middleware such -as [`express.json()`](../express/#expressjsonoptions) or [`express.urlencoded()`](../express/#expressurlencodedoptions). +as [`express.json()`](/en/4x/api/express/#expressjsonoptions) or [`express.urlencoded()`](/en/4x/api/express/#expressurlencodedoptions). @@ -158,7 +158,7 @@ console.dir(req.fresh); Contains the hostname derived from the `Host` HTTP header. -When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) +When the [`trust proxy` setting](/en/4x/api/application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property will instead get the value from the `X-Forwarded-Host` header field. This header can be set by the client or by the proxy. @@ -184,7 +184,7 @@ console.dir(req.hostname); Contains the remote IP address of the request. -When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, +When the [`trust proxy` setting](/en/4x/api/application/#options-for-trust-proxy-setting) does not evaluate to `false`, the value of this property is derived from the left-most entry in the `X-Forwarded-For` header. This header can be set by the client or by the proxy. @@ -195,7 +195,7 @@ console.dir(req.ip); ### req.ips -When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, +When the [`trust proxy` setting](/en/4x/api/application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property contains an array of IP addresses specified in the `X-Forwarded-For` request header. Otherwise, it contains an empty array. This header can be set by the client or by the proxy. @@ -219,7 +219,7 @@ module](https://nodejs.org/api/http.html#http_message_url). This property is much like `req.url`; however, it retains the original request URL, allowing you to rewrite `req.url` freely for internal routing purposes. For example, -the "mounting" feature of [app.use()](../application/#appusepath-callback--callback) will rewrite `req.url` to strip the mount point. +the "mounting" feature of [app.use()](/en/4x/api/application/#appusepath-callback--callback) will rewrite `req.url` to strip the mount point. ```js // GET /search?q=something @@ -242,7 +242,7 @@ app.use('/admin', function (req, res, next) { ### req.params -This property is an object containing properties mapped to the [named route "parameters"](../../guide/routing/#route-parameters). For example, if you have the route `/user/:name`, then the "name" property is available as `req.params.name`. This object defaults to `{}`. +This property is an object containing properties mapped to the [named route "parameters"](/en/4x/guide/routing/#route-parameters). For example, if you have the route `/user/:name`, then the "name" property is available as `req.params.name`. This object defaults to `{}`. ```js // GET /user/tj @@ -260,7 +260,7 @@ console.dir(req.params[0]); Named capturing groups in regular expressions behave like named route parameters. For example the group from `/^\/file\/(?.*)$/` expression is available as `req.params.path`. -If you need to make changes to a key in `req.params`, use the [app.param](../application/#appparamname-callback) handler. Changes are applicable only to [parameters](../../guide/routing/#route-parameters) already defined in the route path. +If you need to make changes to a key in `req.params`, use the [app.param](/en/4x/api/application/#appparamname-callback) handler. Changes are applicable only to [parameters](/en/4x/guide/routing/#route-parameters) already defined in the route path. Any changes made to the `req.params` object in a middleware or route handler will be reset. @@ -283,7 +283,7 @@ console.dir(req.path); When called from a middleware, the mount point is not included in `req.path`. See -[app.use()](../application/#appusepath-callback--callback) for more details. +[app.use()](/en/4x/api/application/#appusepath-callback--callback) for more details. @@ -291,7 +291,7 @@ When called from a middleware, the mount point is not included in `req.path`. Se Contains the request protocol string: either `http` or (for TLS requests) `https`. -When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, +When the [`trust proxy` setting](/en/4x/api/application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property will use the value of the `X-Forwarded-Proto` header field if present. This header can be set by the client or by the proxy. @@ -303,7 +303,7 @@ console.dir(req.protocol); ### req.query This property is an object containing a property for each query string parameter in the route. -When [query parser](../application/#application-settings) is set to disabled, it is an empty object `{}`, otherwise it is the result of the configured query parser. +When [query parser](/en/4x/api/application/#application-settings) is set to disabled, it is an empty object `{}`, otherwise it is the result of the configured query parser. @@ -314,7 +314,7 @@ may not be a function and instead a string or other user-input. -The value of this property can be configured with the [query parser application setting](../application/#application-settings) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.com/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: +The value of this property can be configured with the [query parser application setting](/en/4x/api/application/#application-settings) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.com/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: ```js var qs = require('qs'); @@ -325,11 +325,11 @@ app.set('query parser', function (str) { }); ``` -Check out the [query parser application setting](../application/#application-settings) documentation for other customization options. +Check out the [query parser application setting](/en/4x/api/application/#application-settings) documentation for other customization options. ### req.res -This property holds a reference to the [response object](../response) +This property holds a reference to the [response object](/en/4x/api/response) that relates to this request object. ### req.route @@ -407,7 +407,7 @@ console.dir(req.subdomains); The application property `subdomain offset`, which defaults to 2, is used for determining the beginning of the subdomain segments. To change this behavior, change its value -using [app.set](../application/#appsetname-value). +using [app.set](/en/4x/api/application/#appsetname-value). ### req.xhr diff --git a/src/content/api/4x/api/response/index.mdx b/src/content/api/4x/api/response/index.mdx index 568aee7811..605288d59f 100644 --- a/src/content/api/4x/api/response/index.mdx +++ b/src/content/api/4x/api/response/index.mdx @@ -36,7 +36,7 @@ and supports all [built-in fields and methods](https://nodejs.org/api/http.html# This property holds a reference to the instance of the Express application that is using the middleware. -`res.app` is identical to the [req.app](../request/#reqapp) property in the request object. +`res.app` is identical to the [req.app](/en/4x/api/request/#reqapp) property in the request object. ### res.headersSent @@ -66,7 +66,7 @@ for the used view engine for additional considerations. In order to keep local variables for use in template rendering between requests, use -[app.locals](../application/#applocals) instead. +[app.locals](/en/4x/api/application/#applocals) instead. This property is useful for exposing request-level information such as the request path name, authenticated user, user settings, and so on to templates rendered within the application. @@ -82,7 +82,7 @@ app.use(function (req, res, next) { ### res.req -This property holds a reference to the [request object](../request/) +This property holds a reference to the [request object](/en/4x/api/request/) that relates to this response object. ## Methods @@ -238,7 +238,7 @@ Then `res.cookie()` will use the secret passed to `cookieParser(secret)` to sign res.cookie('name', 'tobi', { signed: true }); ``` -Later you may access this value through the [req.signedCookie](../request/#reqsignedcookies) object. +Later you may access this value through the [req.signedCookie](/en/4x/api/request/#reqsignedcookies) object. ### res.download(path [, filename] [, options] [, fn]) @@ -310,7 +310,7 @@ res.status(404).end(); ### res.format(object) Performs content-negotiation on the `Accept` HTTP header on the request object, when present. -It uses [req.accepts()](../request/#reqacceptstypes) to select a handler for the request, based on the acceptable +It uses [req.accepts()](/en/4x/api/request/#reqacceptstypes) to select a handler for the request, based on the acceptable types ordered by their quality values. If the header is not specified, the first callback is invoked. When no match is found, the server responds with 406 "Not Acceptable", or invokes the `default` callback. @@ -402,7 +402,7 @@ res.status(500).jsonp({ error: 'message' }); By default, the JSONP callback name is simply `callback`. Override this with the -[jsonp callback name](../application/#application-settings) setting. +[jsonp callback name](/en/4x/api/application/#application-settings) setting. The following are some examples of JSONP responses using the same code: @@ -458,7 +458,7 @@ res.location('back'); A `path` value of "back" has a special meaning, it refers to the URL specified in the `Referer` header of the request. If the `Referer` header was not specified, it refers to "/". See also [Security best practices: Prevent open redirect -vulnerabilities](../../../advanced/best-practice-security/#prevent-open-redirects). +vulnerabilities](/en/advanced/best-practice-security/#prevent-open-redirects). After encoding the URL, if not encoded already, Express passes the specified URL to the browser in the `Location` header, @@ -532,7 +532,7 @@ res.redirect('back'); See also [Security best practices: Prevent open redirect -vulnerabilities](../../../advanced/best-practice-security/#prevent-open-redirects). +vulnerabilities](/en/advanced/best-practice-security/#prevent-open-redirects). ### res.render(view [, locals] [, callback]) @@ -544,7 +544,7 @@ Optional parameters: The `view` argument is a string that is the file path of the view file to render. This can be an absolute path, or a path relative to the `views` setting. If the path does not contain a file extension, then the `view engine` setting determines the file extension. If the path does contain a file extension, then Express will load the module for the specified template engine (via `require()`) and render it using the loaded module's `__express` function. -For more information, see [Using template engines with Express](../../guide/using-template-engines). +For more information, see [Using template engines with Express](/en/4x/guide/using-template-engines). diff --git a/src/content/api/4x/api/router/index.mdx b/src/content/api/4x/api/router/index.mdx index c6a9d0c375..2517e3fac3 100644 --- a/src/content/api/4x/api/router/index.mdx +++ b/src/content/api/4x/api/router/index.mdx @@ -10,9 +10,9 @@ as a "mini-application," capable only of performing middleware and routing functions. Every Express application has a built-in app router. A router behaves like middleware itself, so you can use it as an argument to -[app.use()](../application#appusepath-callback--callback) or as the argument to another router's [use()](#routerusepath-function--function) method. +[app.use()](/en/4x/api/application#appusepath-callback--callback) or as the argument to another router's [use()](#routerusepath-function--function) method. -The top-level `express` object has a [Router()](../express#expressrouteroptions) method that creates a new `router` object. +The top-level `express` object has a [Router()](/en/4x/api/express#expressrouteroptions) method that creates a new `router` object. Once you've created a router object, you can add middleware and HTTP method routes (such as `get`, `put`, `post`, and so on) to it just like an application. For example: @@ -306,8 +306,8 @@ belong to the route to which they were added. Uses the specified middleware function or functions, with optional mount path `path`, that defaults to "/". -This method is similar to [app.use()](../application#appusepath-callback--callback). A simple example and use case is described below. -See [app.use()](../application#appusepath-callback--callback) for more information. +This method is similar to [app.use()](/en/4x/api/application#appusepath-callback--callback). A simple example and use case is described below. +See [app.use()](/en/4x/api/application#appusepath-callback--callback) for more information. Middleware is like a plumbing pipe: requests start at the first middleware function defined and work their way "down" the middleware stack processing for each path they match. diff --git a/src/content/api/5x/api/application/index.mdx b/src/content/api/5x/api/application/index.mdx index 2b6acf7e93..4b102e4fff 100644 --- a/src/content/api/5x/api/application/index.mdx +++ b/src/content/api/5x/api/application/index.mdx @@ -31,7 +31,7 @@ for more information, see [Application settings](#application-settings). -The Express application object can be referred from the [request object](../request/) and the [response object](../response/) as `req.app`, and `res.app`, respectively. +The Express application object can be referred from the [request object](/en/5x/api/request/) and the [response object](/en/5x/api/response/) as `req.app`, and `res.app`, respectively. @@ -40,7 +40,7 @@ The Express application object can be referred from the [request object](../requ ### app.locals The `app.locals` object has properties that are local variables within the application, -and will be available in templates rendered with [res.render](../response/#resrenderview--locals--callback). +and will be available in templates rendered with [res.render](/en/5x/api/response/#resrenderview--locals--callback). @@ -60,12 +60,12 @@ console.dir(app.locals.email); ``` Once set, the value of `app.locals` properties persist throughout the life of the application, -in contrast with [res.locals](../response/#reslocals) properties that +in contrast with [res.locals](/en/5x/api/response/#reslocals) properties that are valid only for the lifetime of the request. You can access local variables in templates rendered within the application. This is useful for providing helper functions to templates, as well as application-level data. -Local variables are available in middleware via `req.app.locals` (see [req.app](../request/#reqapp)) +Local variables are available in middleware via `req.app.locals` (see [req.app](/en/5x/api/request/#reqapp)) ```js app.locals.title = 'My App'; @@ -97,7 +97,7 @@ admin.get('/', (req, res) => { app.use('/admin', admin); // mount the sub app ``` -It is similar to the [baseUrl](../request/#reqbaseurl) property of the `req` object, except `req.baseUrl` +It is similar to the [baseUrl](/en/5x/api/request/#reqbaseurl) property of the `req` object, except `req.baseUrl` returns the matched URL path, instead of the matched patterns. If a sub-app is mounted on multiple path patterns, `app.mountpath` returns the list of @@ -139,7 +139,7 @@ app.listen(3000); You can add middleware and HTTP method routes to the `router` just like an application. -For more information, see [Router](../router/). +For more information, see [Router](/en/5x/api/router/). ## Events @@ -183,10 +183,10 @@ except it matches all HTTP verbs. #### Arguments -| Argument | Description | Default | -| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | -| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| Argument | Description | Default | +| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](/en/5x/api/router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Examples @@ -229,14 +229,14 @@ app.all('/api/{*splat}', requireAuthentication); ### app.delete(path, callback [, callback ...]) Routes HTTP DELETE requests to the specified path with the specified callback functions. -For more information, see the [routing guide](../../guide/routing/). +For more information, see the [routing guide](/en/5x/guide/routing/). #### Arguments -| Argument | Description | Default | -| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | -| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| Argument | Description | Default | +| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](/en/5x/api/router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Example @@ -355,12 +355,12 @@ Routes HTTP GET requests to the specified path with the specified callback funct #### Arguments -| Argument | Description | Default | -| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | -| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| Argument | Description | Default | +| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](/en/5x/api/router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | -For more information, see the [routing guide](../../guide/routing/). +For more information, see the [routing guide](/en/5x/guide/routing/). #### Example @@ -436,10 +436,10 @@ PUT, POST, and so on, in lowercase. Thus, the actual methods are `app.get()`, #### Arguments -| Argument | Description | Default | -| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | -| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| Argument | Description | Default | +| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](/en/5x/api/router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Routing methods @@ -540,11 +540,11 @@ The method, `app.all()`, is not derived from any HTTP method and loads middlewar the specified path for _all_ HTTP request methods. For more information, see [app.all](#appallpath-callback--callback-). -For more information on routing, see the [routing guide](../../guide/routing/). +For more information on routing, see the [routing guide](/en/5x/guide/routing/). ### app.param(name, callback) -Add callback triggers to [route parameters](../../guide/routing/#route-parameters), where `name` is the name of the parameter or an array of them, and `callback` is the callback function. The parameters of the callback function are the request object, the response object, the next middleware, the value of the parameter and the name of the parameter, in that order. +Add callback triggers to [route parameters](/en/5x/guide/routing/#route-parameters), where `name` is the name of the parameter or an array of them, and `callback` is the callback function. The parameters of the callback function are the request object, the response object, the next middleware, the value of the parameter and the name of the parameter, in that order. If `name` is an array, the `callback` trigger is registered for each parameter declared in it, in the order in which they are declared. Furthermore, for each declared parameter except the last one, a call to `next` inside the callback will call the callback for the next declared parameter. For the last parameter, a call to `next` will call the next middleware in place for the route currently being processed, just like it would if `name` were just a string. @@ -639,19 +639,19 @@ console.log(blogAdmin.path()); // '/blog/admin' ``` The behavior of this method can become very complicated in complex cases of mounted apps: -it is usually better to use [req.baseUrl](../request/#reqbaseurl) to get the canonical path of the app. +it is usually better to use [req.baseUrl](/en/5x/api/request/#reqbaseurl) to get the canonical path of the app. ### app.post(path, callback [, callback ...]) Routes HTTP POST requests to the specified path with the specified callback functions. -For more information, see the [routing guide](../../guide/routing/). +For more information, see the [routing guide](/en/5x/guide/routing/). #### Arguments -| Argument | Description | Default | -| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | -| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| Argument | Description | Default | +| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](/en/5x/api/router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Example @@ -667,10 +667,10 @@ Routes HTTP PUT requests to the specified path with the specified callback funct #### Arguments -| Argument | Description | Default | -| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | -| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| Argument | Description | Default | +| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](/en/5x/api/router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Example @@ -683,7 +683,7 @@ app.put('/', (req, res) => { ### app.render(view, [locals], callback) Returns the rendered HTML of a view via the `callback` function. It accepts an optional parameter -that is an object containing local variables for the view. It is like [res.render()](../response/#resrenderview--locals--callback), +that is an object containing local variables for the view. It is like [res.render()](/en/5x/api/response/#resrenderview--locals--callback), except it cannot send the rendered view to the client on its own. @@ -797,7 +797,7 @@ Sub-apps will not inherit the value of `view cache` in production (when `NODE_EN #### Options for `trust proxy` setting -Read [Express behind proxies](../../guide/behind-proxies) for more information. +Read [Express behind proxies](/en/5x/guide/behind-proxies) for more information. **Boolean**: If `true`, the client's IP address is understood as the left-most entry in the `X-Forwarded-*` header. If `false`, the app is understood as directly facing the Internet and the client's IP address is derived from `req.connection.remoteAddress`. This is the default setting. @@ -867,16 +867,16 @@ app.set('etag', (body, encoding) => { ### app.use([path,] callback [, callback...]) -Mounts the specified [middleware](../../guide/using-middleware) function or functions +Mounts the specified [middleware](/en/5x/guide/using-middleware) function or functions at the specified path: the middleware function is executed when the base of the requested path matches `path`. #### Arguments -| Argument | Description | Default | -| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- | -| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | -| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](../router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | +| Argument | Description | Default | +| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | +| `path` | The path for which the middleware function is invoked. It can be any of the following: a string representing a path, a path pattern, a regular expression pattern to match paths, or an array containing any combination of the above. For examples, see [Path examples](#path-examples). | `'/'` (root path) | +| `callback` | One or more callback functions. Accepted formats: a single middleware function, multiple middleware functions separated by commas, an array of middleware functions, or a combination of the above. You may provide multiple callbacks that behave like middleware. These can call `next('route')` to skip remaining callbacks for the current route. This is useful for conditional routing logic. If a callback throws an error or returns a rejected promise, `next(err)` is invoked automatically. Since both [router](/en/5x/api/router/) and [app](#overview) implement the middleware interface, they can also be used as callback middleware. For examples, see [Middleware callback function examples](#middleware-callback-function-examples). | _None_ | #### Description @@ -922,7 +922,7 @@ app.get('/', (req, res) => { **Error-handling middleware** -Error-handling middleware always takes _four_ arguments. You must provide four arguments to identify it as an error-handling middleware function. Even if you don't need to use the `next` object, you must specify it to maintain the signature. Otherwise, the `next` object will be interpreted as regular middleware and will fail to handle errors. For details about error-handling middleware, see: [Error handling](../../guide/error-handling). +Error-handling middleware always takes _four_ arguments. You must provide four arguments to identify it as an error-handling middleware function. Even if you don't need to use the `next` object, you must specify it to maintain the signature. Otherwise, the `next` object will be interpreted as regular middleware and will fail to handle errors. For details about error-handling middleware, see: [Error handling](/en/5x/guide/error-handling). Define error-handling middleware functions in the same way as other middleware functions, except with four arguments instead of three, specifically with the signature `(err, req, res, next)`): @@ -1063,7 +1063,7 @@ subApp.get('/', (req, res, next) => { app.use(mw1, [mw2, r1, r2], subApp); ``` -Following are some examples of using the [express.static](../../guide/using-middleware/#built-in-middleware) +Following are some examples of using the [express.static](/en/5x/guide/using-middleware/#built-in-middleware) middleware in an Express app. Serve static content for the app from the "public" directory in the application directory: diff --git a/src/content/api/5x/api/express/index.mdx b/src/content/api/5x/api/express/index.mdx index 241d5011e3..cff7958faf 100644 --- a/src/content/api/5x/api/express/index.mdx +++ b/src/content/api/5x/api/express/index.mdx @@ -20,7 +20,7 @@ The Express object has the following methods that can be used to create middlewa This is a built-in middleware function in Express. It parses incoming requests with JSON payloads and is based on -[body-parser](../../../resources/middleware/body-parser). +[body-parser](/en/resources/middleware/body-parser). Returns middleware that only parses JSON and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts any @@ -60,7 +60,7 @@ The following table describes the properties of the optional `options` object. This is a built-in middleware function in Express. It parses incoming request payloads into a `Buffer` and is based on -[body-parser](../../../resources/middleware/body-parser). +[body-parser](/en/resources/middleware/body-parser). Returns middleware that parses all bodies as a `Buffer` and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts @@ -96,7 +96,7 @@ The following table describes the properties of the optional `options` object. ### express.Router([options]) -Creates a new [router](../router/) object. +Creates a new [router](/en/5x/api/router/) object. ```js const router = express.Router([options]); @@ -117,17 +117,17 @@ The optional `options` parameter specifies the behavior of the router. You can add middleware and HTTP method routes (such as `get`, `put`, `post`, and so on) to `router` just like an application. -For more information, see [Router](../router/). +For more information, see [Router](/en/5x/api/router/). ### express.static(root, [options]) This is a built-in middleware function in Express. -It serves static files and is based on [serve-static](../../../resources/middleware/serve-static). +It serves static files and is based on [serve-static](/en/resources/middleware/serve-static). NOTE: For best results, [use a reverse -proxy](../../../advanced/best-practice-performance#use-a-reverse-proxy) cache to improve performance of +proxy](/en/advanced/best-practice-performance#use-a-reverse-proxy) cache to improve performance of serving static assets. @@ -159,8 +159,8 @@ See also the [example below](#example-of-expressstatic). -For more information, see [Serving static files in Express](../../starter/static-files). -and [Using middleware - Built-in middleware](../../guide/using-middleware/#built-in-middleware). +For more information, see [Serving static files in Express](/en/5x/starter/static-files). +and [Using middleware - Built-in middleware](/en/5x/guide/using-middleware/#built-in-middleware). #### dotfiles @@ -195,7 +195,7 @@ fn(res, path, stat); Arguments: -- `res`, the [response object](../response/). +- `res`, the [response object](/en/5x/api/response/). - `path`, the file path that is being sent. - `stat`, the `stat` object of the file that is being sent. @@ -223,7 +223,7 @@ app.use(express.static('public', options)); This is a built-in middleware function in Express. It parses incoming request payloads into a string and is based on -[body-parser](../../../resources/middleware/body-parser). +[body-parser](/en/resources/middleware/body-parser). Returns middleware that parses all bodies as a string and only looks at requests where the `Content-Type` header matches the `type` option. This parser accepts @@ -261,7 +261,7 @@ The following table describes the properties of the optional `options` object. ### express.urlencoded([options]) This is a built-in middleware function in Express. It parses incoming requests -with urlencoded payloads and is based on [body-parser](../../../resources/middleware/body-parser). +with urlencoded payloads and is based on [body-parser](/en/resources/middleware/body-parser). Returns middleware that only parses urlencoded bodies and only looks at requests where the `Content-Type` header matches the `type` option. This diff --git a/src/content/api/5x/api/request/index.mdx b/src/content/api/5x/api/request/index.mdx index 7693892acb..aad92c1213 100644 --- a/src/content/api/5x/api/request/index.mdx +++ b/src/content/api/5x/api/request/index.mdx @@ -58,7 +58,7 @@ module.exports = (req, res) => { The URL path on which a router instance was mounted. -The `req.baseUrl` property is similar to the [mountpath](../application/#appmountpath) property of the `app` object, +The `req.baseUrl` property is similar to the [mountpath](/en/5x/api/application/#appmountpath) property of the `app` object, except `app.mountpath` returns the matched path pattern(s). For example: @@ -89,7 +89,7 @@ made to `/hello/jp`, `req.baseUrl` is "/hello". Contains key-value pairs of data submitted in the request body. By default, it is `undefined`, and is populated when you use body-parsing middleware such -as [`express.json()`](../express/#expressjsonoptions) or [`express.urlencoded()`](../express/#expressurlencodedoptions). +as [`express.json()`](/en/5x/api/express/#expressjsonoptions) or [`express.urlencoded()`](/en/5x/api/express/#expressurlencodedoptions). @@ -149,7 +149,7 @@ console.dir(req.fresh); Contains the host derived from the `Host` HTTP header. -When the [`trust proxy` setting](../application/#application-settings) +When the [`trust proxy` setting](/en/5x/api/application/#application-settings) does not evaluate to `false`, this property will instead get the value from the `X-Forwarded-Host` header field. This header can be set by the client or by the proxy. @@ -172,7 +172,7 @@ console.dir(req.host); Contains the hostname derived from the `Host` HTTP header. -When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) +When the [`trust proxy` setting](/en/5x/api/application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property will instead get the value from the `X-Forwarded-Host` header field. This header can be set by the client or by the proxy. @@ -191,7 +191,7 @@ console.dir(req.hostname); Contains the remote IP address of the request. -When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, +When the [`trust proxy` setting](/en/5x/api/application/#options-for-trust-proxy-setting) does not evaluate to `false`, the value of this property is derived from the left-most entry in the `X-Forwarded-For` header. This header can be set by the client or by the proxy. @@ -202,7 +202,7 @@ console.dir(req.ip); ### req.ips -When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, +When the [`trust proxy` setting](/en/5x/api/application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property contains an array of IP addresses specified in the `X-Forwarded-For` request header. Otherwise, it contains an empty array. This header can be set by the client or by the proxy. @@ -226,7 +226,7 @@ module](https://nodejs.org/api/http.html#http_message_url). This property is much like `req.url`; however, it retains the original request URL, allowing you to rewrite `req.url` freely for internal routing purposes. For example, -the "mounting" feature of [app.use()](../application/#appusepath-callback--callback) will rewrite `req.url` to strip the mount point. +the "mounting" feature of [app.use()](/en/5x/api/application/#appusepath-callback--callback) will rewrite `req.url` to strip the mount point. ```js // GET /search?q=something @@ -249,7 +249,7 @@ app.use('/admin', (req, res, next) => { ### req.params -This property is an object containing properties mapped to the [named route "parameters"](../../guide/routing/#route-parameters). For example, if you have the route `/user/:name`, then the "name" property is available as `req.params.name`. This object defaults to `Object.create(null)` when using string paths, but remains a standard object with a normal prototype when the path is defined with a regular expression. +This property is an object containing properties mapped to the [named route "parameters"](/en/5x/guide/routing/#route-parameters). For example, if you have the route `/user/:name`, then the "name" property is available as `req.params.name`. This object defaults to `Object.create(null)` when using string paths, but remains a standard object with a normal prototype when the path is defined with a regular expression. ```js // GET /user/tj @@ -281,7 +281,7 @@ app.use(/^\/file\/(.*)$/, (req, res) => { Named capturing groups in regular expressions behave like named route parameters. For example the group from `/^\/file\/(?.*)$/` expression is available as `req.params.path`. -If you need to make changes to a key in `req.params`, use the [app.param](../application/#appparamname-callback) handler. Changes are applicable only to [parameters](../../guide/routing/#route-parameters) already defined in the route path. +If you need to make changes to a key in `req.params`, use the [app.param](/en/5x/api/application/#appparamname-callback) handler. Changes are applicable only to [parameters](/en/5x/guide/routing/#route-parameters) already defined in the route path. Any changes made to the `req.params` object in a middleware or route handler will be reset. @@ -304,7 +304,7 @@ console.dir(req.path); When called from a middleware, the mount point is not included in `req.path`. See -[app.use()](../application/#appusepath-callback--callback) for more details. +[app.use()](/en/5x/api/application/#appusepath-callback--callback) for more details. @@ -312,7 +312,7 @@ When called from a middleware, the mount point is not included in `req.path`. Se Contains the request protocol string: either `http` or (for TLS requests) `https`. -When the [`trust proxy` setting](../application/#options-for-trust-proxy-setting) does not evaluate to `false`, +When the [`trust proxy` setting](/en/5x/api/application/#options-for-trust-proxy-setting) does not evaluate to `false`, this property will use the value of the `X-Forwarded-Proto` header field if present. This header can be set by the client or by the proxy. @@ -324,7 +324,7 @@ console.dir(req.protocol); ### req.query This property is an object containing a property for each query string parameter in the route. -When [query parser](../application/#application-settings) is set to disabled, it is an empty object `{}`, otherwise it is the result of the configured query parser. +When [query parser](/en/5x/api/application/#application-settings) is set to disabled, it is an empty object `{}`, otherwise it is the result of the configured query parser. @@ -335,7 +335,7 @@ may not be a function and instead a string or other user-input. -The value of this property can be configured with the [query parser application setting](../application/#application-settings) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.com/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: +The value of this property can be configured with the [query parser application setting](/en/5x/api/application/#application-settings) to work how your application needs it. A very popular query string parser is the [`qs` module](https://www.npmjs.com/package/qs), and this is used by default. The `qs` module is very configurable with many settings, and it may be desirable to use different settings than the default to populate `req.query`: ```js const qs = require('qs'); @@ -346,11 +346,11 @@ app.set('query parser', (str) => ); ``` -Check out the [query parser application setting](../application/#application-settings) documentation for other customization options. +Check out the [query parser application setting](/en/5x/api/application/#application-settings) documentation for other customization options. ### req.res -This property holds a reference to the [response object](../response) +This property holds a reference to the [response object](/en/5x/api/response) that relates to this request object. ### req.route @@ -435,7 +435,7 @@ console.dir(req.subdomains); The application property `subdomain offset`, which defaults to 2, is used for determining the beginning of the subdomain segments. To change this behavior, change its value -using [app.set](../application/#appsetname-value). +using [app.set](/en/5x/api/application/#appsetname-value). ### req.xhr diff --git a/src/content/api/5x/api/response/index.mdx b/src/content/api/5x/api/response/index.mdx index 8ec0564351..b05e320acf 100644 --- a/src/content/api/5x/api/response/index.mdx +++ b/src/content/api/5x/api/response/index.mdx @@ -36,7 +36,7 @@ and supports all [built-in fields and methods](https://nodejs.org/api/http.html# This property holds a reference to the instance of the Express application that is using the middleware. -`res.app` is identical to the [req.app](../request/#reqapp) property in the request object. +`res.app` is identical to the [req.app](/en/5x/api/request/#reqapp) property in the request object. ### res.headersSent @@ -66,7 +66,7 @@ for the used view engine for additional considerations. In order to keep local variables for use in template rendering between requests, use -[app.locals](../application/#applocals) instead. +[app.locals](/en/5x/api/application/#applocals) instead. This property is useful for exposing request-level information such as the request path name, authenticated user, user settings, and so on to templates rendered within the application. @@ -82,7 +82,7 @@ app.use((req, res, next) => { ### res.req -This property holds a reference to the [request object](../request/) +This property holds a reference to the [request object](/en/5x/api/request/) that relates to this response object. ## Methods @@ -230,7 +230,7 @@ Then, `res.cookie()` will use the secret passed to `cookieParser(secret)` to sig res.cookie('name', 'tobi', { signed: true }); ``` -Later, you may access this value through the [req.signedCookies](../request/#reqsignedcookies) object. +Later, you may access this value through the [req.signedCookies](/en/5x/api/request/#reqsignedcookies) object. ### res.download(path [, filename] [, options] [, fn]) @@ -300,7 +300,7 @@ res.status(404).end(); ### res.format(object) Performs content-negotiation on the `Accept` HTTP header on the request object, when present. -It uses [req.accepts()](../request/#reqacceptstypes) to select a handler for the request, based on the acceptable +It uses [req.accepts()](/en/5x/api/request/#reqacceptstypes) to select a handler for the request, based on the acceptable types ordered by their quality values. If the header is not specified, the first callback is invoked. When no match is found, the server responds with 406 "Not Acceptable", or invokes the `default` callback. @@ -392,7 +392,7 @@ res.status(500).jsonp({ error: 'message' }); By default, the JSONP callback name is simply `callback`. Override this with the -[jsonp callback name](../application/#application-settings) setting. +[jsonp callback name](/en/5x/api/application/#application-settings) setting. The following are some examples of JSONP responses using the same code: @@ -497,7 +497,7 @@ res.redirect('..'); ``` See also [Security best practices: Prevent open redirect -vulnerabilities](../../../advanced/best-practice-security/#prevent-open-redirects). +vulnerabilities](/en/advanced/best-practice-security/#prevent-open-redirects). ### res.render(view [, locals] [, callback]) @@ -509,7 +509,7 @@ Optional parameters: The `view` argument is a string that is the file path of the view file to render. This can be an absolute path, or a path relative to the `views` setting. If the path does not contain a file extension, then the `view engine` setting determines the file extension. If the path does contain a file extension, then Express will load the module for the specified template engine (via `require()`) and render it using the loaded module's `__express` function. -For more information, see [Using template engines with Express](../../guide/using-template-engines). +For more information, see [Using template engines with Express](/en/5x/guide/using-template-engines). diff --git a/src/content/api/5x/api/router/index.mdx b/src/content/api/5x/api/router/index.mdx index 1dfd871a07..8b0087fd77 100644 --- a/src/content/api/5x/api/router/index.mdx +++ b/src/content/api/5x/api/router/index.mdx @@ -10,9 +10,9 @@ as a "mini-application," capable only of performing middleware and routing functions. Every Express application has a built-in app router. A router behaves like middleware itself, so you can use it as an argument to -[app.use()](../application/#appusepath-callback--callback) or as the argument to another router's [use()](#routerusepath-function--function) method. +[app.use()](/en/5x/api/application/#appusepath-callback--callback) or as the argument to another router's [use()](#routerusepath-function--function) method. -The top-level `express` object has a [Router()](../express/#expressrouteroptions) method that creates a new `router` object. +The top-level `express` object has a [Router()](/en/5x/api/express/#expressrouteroptions) method that creates a new `router` object. Once you've created a router object, you can add middleware and HTTP method routes (such as `get`, `put`, `post`, and so on) to it just like an application. For example: @@ -267,8 +267,8 @@ belong to the route to which they were added. Uses the specified middleware function or functions, with optional mount path `path`, that defaults to "/". -This method is similar to [app.use()](../application/#appusepath-callback--callback). A simple example and use case is described below. -See [app.use()](../application/#appusepath-callback--callback) for more information. +This method is similar to [app.use()](/en/5x/api/application/#appusepath-callback--callback). A simple example and use case is described below. +See [app.use()](/en/5x/api/application/#appusepath-callback--callback) for more information. Middleware is like a plumbing pipe: requests start at the first middleware function defined and work their way "down" the middleware stack processing for each path they match. diff --git a/src/content/docs/en/4x/guide/behind-proxies.mdx b/src/content/docs/en/4x/guide/behind-proxies.mdx index 414424983a..8a96700d26 100644 --- a/src/content/docs/en/4x/guide/behind-proxies.mdx +++ b/src/content/docs/en/4x/guide/behind-proxies.mdx @@ -86,17 +86,18 @@ Enabling `trust proxy` will have the following impact:
  • - The value of [req.hostname](../../api/request/#reqhostname) is derived from the value set in the - `X-Forwarded-Host` header, which can be set by the client or by the proxy. + The value of [req.hostname](/en/4x/api/request/#reqhostname) is derived from the value set in + the `X-Forwarded-Host` header, which can be set by the client or by the proxy.
  • `X-Forwarded-Proto` can be set by the reverse proxy to tell the app whether it is `https` or `http` or even an invalid name. This value is reflected by - [req.protocol](../../api/request/#reqprotocol). + [req.protocol](/en/4x/api/request/#reqprotocol).
  • - The [req.ip](/en/api#req.ip) and [req.ips](../../api/request/#reqips) values are populated based - on the socket address and `X-Forwarded-For` header, starting at the first untrusted address. + The [req.ip](/en/4x/api/request/#reqip) and [req.ips](/en/4x/api/request/#reqips) values are + populated based on the socket address and `X-Forwarded-For` header, starting at the first + untrusted address.
diff --git a/src/content/docs/en/4x/guide/debugging.mdx b/src/content/docs/en/4x/guide/debugging.mdx index 4a5e74d9bb..da5a8c8bff 100644 --- a/src/content/docs/en/4x/guide/debugging.mdx +++ b/src/content/docs/en/4x/guide/debugging.mdx @@ -18,7 +18,7 @@ On Windows, use the corresponding command. > $env:DEBUG = "express:*"; node index.js ``` -Running this command on the default app generated by the [express generator](../../starter/generator) prints the following output: +Running this command on the default app generated by the [express generator](/en/4x/starter/generator) prints the following output: ```bash $ DEBUG=express:* node ./bin/www diff --git a/src/content/docs/en/4x/guide/error-handling.mdx b/src/content/docs/en/4x/guide/error-handling.mdx index 5dde6bd69a..e34218f841 100644 --- a/src/content/docs/en/4x/guide/error-handling.mdx +++ b/src/content/docs/en/4x/guide/error-handling.mdx @@ -190,7 +190,7 @@ function errorHandler(err, req, res, next) { Note that the default error handler can get triggered if you call `next()` with an error in your code more than once, even if custom error handling middleware is in place. -Other error handling middleware can be found at [Express middleware](../../../resources/middleware). +Other error handling middleware can be found at [Express middleware](/en/resources/middleware). ## Writing error handlers diff --git a/src/content/docs/en/4x/guide/overriding-express-api.md b/src/content/docs/en/4x/guide/overriding-express-api.md index 349d20011c..ca245b80d5 100644 --- a/src/content/docs/en/4x/guide/overriding-express-api.md +++ b/src/content/docs/en/4x/guide/overriding-express-api.md @@ -14,7 +14,7 @@ Altering the global prototypes will affect all loaded Express apps in the same p You can override the signature and behavior of existing methods with your own, by assigning a custom function. -Following is an example of overriding the behavior of [res.sendStatus](../../api/response/#ressendstatusstatuscode). +Following is an example of overriding the behavior of [res.sendStatus](/en/4x/api/response/#ressendstatusstatuscode). ```js app.response.sendStatus = function (statusCode, type, message) { diff --git a/src/content/docs/en/4x/guide/routing.mdx b/src/content/docs/en/4x/guide/routing.mdx index 68ddf115e9..4713255626 100644 --- a/src/content/docs/en/4x/guide/routing.mdx +++ b/src/content/docs/en/4x/guide/routing.mdx @@ -6,12 +6,12 @@ description: Learn how to define and use routes in Express.js applications, incl import Alert from '@components/primitives/Alert/Alert.astro'; _Routing_ refers to how an application's endpoints (URIs) respond to client requests. -For an introduction to routing, see [Basic routing](../../starter/basic-routing). +For an introduction to routing, see [Basic routing](/en/4x/starter/basic-routing). You define routing using methods of the Express `app` object that correspond to HTTP methods; for example, `app.get()` to handle GET requests and `app.post` to handle POST requests. For a full list, -see [app.METHOD](../../api/application#appmethodpath-callback--callback-). You can also use [app.all()](../../api/application#appallpath-callback--callback-) to handle all HTTP methods and [app.use()](../../api/application#appusepath-callback--callback) to -specify middleware as the callback function (See [Using middleware](../using-middleware) for details). +see [app.METHOD](/en/4x/api/application#appmethodpath-callback--callback-). You can also use [app.all()](/en/4x/api/application#appallpath-callback--callback-) to handle all HTTP methods and [app.use()](/en/4x/api/application#appusepath-callback--callback) to +specify middleware as the callback function (See [Using middleware](/en/4x/guide/using-middleware) for details). These routing methods specify a callback function (sometimes called "handler functions") called when the application receives a request to the specified route (endpoint) and HTTP method. In other words, the application "listens" for requests that match the specified route(s) and method(s), and when it detects a match, it calls the specified callback function. @@ -50,7 +50,7 @@ app.post('/', (req, res) => { ``` Express supports methods that correspond to all HTTP request methods: `get`, `post`, and so on. -For a full list, see [app.METHOD](../../api/application#appmethodpath-callback--callback-). +For a full list, see [app.METHOD](/en/4x/api/application#appmethodpath-callback--callback-). There is a special routing method, `app.all()`, used to load middleware functions at a path for _all_ HTTP request methods. For example, the following handler is executed for requests to the route `"/secret"` whether using `GET`, `POST`, `PUT`, `DELETE`, or any other HTTP request method supported in the [http module](https://nodejs.org/api/http.html#http_http_methods). @@ -217,7 +217,7 @@ The [`*`](https://github.com/expressjs/express/issues/2495) character in regular ## Route handlers -You can provide multiple callback functions that behave like [middleware](../using-middleware) to handle a request. The only exception is that these callbacks might invoke `next('route')` to bypass the remaining route callbacks. You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there's no reason to proceed with the current route. +You can provide multiple callback functions that behave like [middleware](/en/4x/guide/using-middleware) to handle a request. The only exception is that these callbacks might invoke `next('route')` to bypass the remaining route callbacks. You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there's no reason to proceed with the current route. ```js app.get('/user/:id', (req, res, next) => { @@ -312,22 +312,22 @@ app.get( The methods on the response object (`res`) in the following table can send a response to the client, and terminate the request-response cycle. If none of these methods are called from a route handler, the client request will be left hanging. -| Method | Description | -| --------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- | -| [res.download()](../../api/response#resdownloadpath--filename--options--fn) | Prompt a file to be downloaded. | -| [res.end()](../../api/response#resenddata-encoding-callback) | End the response process. | -| [res.json()](../../api/response#resjsonbody) | Send a JSON response. | -| [res.jsonp()](../../api/response#resjsonpbody) | Send a JSON response with JSONP support. | -| [res.redirect()](../../api/response#resredirectstatus-path) | Redirect a request. | -| [res.render()](../../api/response#resrenderview--locals--callback) | Render a view template. | -| [res.send()](../../api/response#ressendbody) | Send a response of various types. | -| [res.sendFile()](../../api/response#ressendfilepath--options--fn) | Send a file as an octet stream. | -| [res.sendStatus()](../../api/response#ressendstatusstatuscode) | Set the response status code and send its string representation as the response body. | +| Method | Description | +| ---------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- | +| [res.download()](/en/4x/api/response#resdownloadpath--filename--options--fn) | Prompt a file to be downloaded. | +| [res.end()](/en/4x/api/response#resenddata-encoding-callback) | End the response process. | +| [res.json()](/en/4x/api/response#resjsonbody) | Send a JSON response. | +| [res.jsonp()](/en/4x/api/response#resjsonpbody) | Send a JSON response with JSONP support. | +| [res.redirect()](/en/4x/api/response#resredirectstatus-path) | Redirect a request. | +| [res.render()](/en/4x/api/response#resrenderview--locals--callback) | Render a view template. | +| [res.send()](/en/4x/api/response#ressendbody) | Send a response of various types. | +| [res.sendFile()](/en/4x/api/response#ressendfilepath--options--fn) | Send a file as an octet stream. | +| [res.sendStatus()](/en/4x/api/response#ressendstatusstatuscode) | Set the response status code and send its string representation as the response body. | ## app.route() You can create chainable route handlers for a route path by using `app.route()`. -Because the path is specified at a single location, creating modular routes is helpful, as is reducing redundancy and typos. For more information about routes, see: [Router() documentation](../../api/router). +Because the path is specified at a single location, creating modular routes is helpful, as is reducing redundancy and typos. For more information about routes, see: [Router() documentation](/en/4x/api/router). Here is an example of chained route handlers that are defined by using `app.route()`. @@ -388,7 +388,7 @@ app.use('/birds', birds); The app will now be able to handle requests to `/birds` and `/birds/about`, as well as call the `timeLog` middleware function that is specific to the route. -But if the parent route `/birds` has path parameters, it will not be accessible by default from the sub-routes. To make it accessible, you will need to pass the `mergeParams` option to the Router constructor [reference](../../api/application#appusepath-callback--callback). +But if the parent route `/birds` has path parameters, it will not be accessible by default from the sub-routes. To make it accessible, you will need to pass the `mergeParams` option to the Router constructor [reference](/en/4x/api/application#appusepath-callback--callback). ```js const router = express.Router({ mergeParams: true }); diff --git a/src/content/docs/en/4x/guide/using-middleware.mdx b/src/content/docs/en/4x/guide/using-middleware.mdx index b5a1a6796d..eb6d925b35 100644 --- a/src/content/docs/en/4x/guide/using-middleware.mdx +++ b/src/content/docs/en/4x/guide/using-middleware.mdx @@ -7,7 +7,7 @@ import Alert from '@components/primitives/Alert/Alert.astro'; Express is a routing and middleware web framework that has minimal functionality of its own: An Express application is essentially a series of middleware function calls. -_Middleware_ functions are functions that have access to the [request object](../../api/request) (`req`), the [response object](../../api/response) (`res`), and the next middleware function in the application's request-response cycle. The next middleware function is commonly denoted by a variable named `next`. +_Middleware_ functions are functions that have access to the [request object](/en/4x/api/request) (`req`), the [response object](/en/4x/api/response) (`res`), and the next middleware function in the application's request-response cycle. The next middleware function is commonly denoted by a variable named `next`. Middleware functions can perform the following tasks: @@ -31,7 +31,7 @@ You can also load a series of middleware functions together, which creates a sub ## Application-level middleware -Bind application-level middleware to an instance of the [app object](../../api/application) by using the `app.use()` and `app.METHOD()` functions, where `METHOD` is the HTTP method of the request that the middleware function handles (such as GET, PUT, or POST) in lowercase. +Bind application-level middleware to an instance of the [app object](/en/4x/api/application) by using the `app.use()` and `app.METHOD()` functions, where `METHOD` is the HTTP method of the request that the middleware function handles (such as GET, PUT, or POST) in lowercase. This example shows a middleware function with no mount path. The function is executed every time the app receives a request. @@ -262,7 +262,7 @@ app.use((err, req, res, next) => { }); ``` -For details about error-handling middleware, see: [Error handling](../error-handling). +For details about error-handling middleware, see: [Error handling](/en/4x/guide/error-handling). ## Built-in middleware @@ -271,9 +271,9 @@ functions that were previously included with Express are now in separate modules Express has the following built-in middleware functions: -- [express.static](../../api/express/#expressstaticroot-options) serves static assets such as HTML files, images, and so on. -- [express.json](../../api/express/#expressjsonoptions) parses incoming requests with JSON payloads. **NOTE: Available with Express 4.16.0+** -- [express.urlencoded](../../api/express/#expressurlencodedoptions) parses incoming requests with URL-encoded payloads. **NOTE: Available with Express 4.16.0+** +- [express.static](/en/4x/api/express/#expressstaticroot-options) serves static assets such as HTML files, images, and so on. +- [express.json](/en/4x/api/express/#expressjsonoptions) parses incoming requests with JSON payloads. **NOTE: Available with Express 4.16.0+** +- [express.urlencoded](/en/4x/api/express/#expressurlencodedoptions) parses incoming requests with URL-encoded payloads. **NOTE: Available with Express 4.16.0+** ## Third-party middleware @@ -296,4 +296,4 @@ const cookieParser = require('cookie-parser'); app.use(cookieParser()); ``` -For a partial list of third-party middleware functions that are commonly used with Express, see: [Third-party middleware](../../../resources/middleware). +For a partial list of third-party middleware functions that are commonly used with Express, see: [Third-party middleware](/en/resources/middleware). diff --git a/src/content/docs/en/4x/guide/using-template-engines.mdx b/src/content/docs/en/4x/guide/using-template-engines.mdx index 7c70645ffd..53976487b5 100644 --- a/src/content/docs/en/4x/guide/using-template-engines.mdx +++ b/src/content/docs/en/4x/guide/using-template-engines.mdx @@ -9,9 +9,9 @@ A _template engine_ enables you to use static template files in your application variables in a template file with actual values, and transforms the template into an HTML file sent to the client. This approach makes it easier to design an HTML page. -The [Express application generator](../../starter/generator) uses [Pug](https://pugjs.org/api/getting-started.html) as its default, but it also supports [Handlebars](https://www.npmjs.com/package/handlebars), and [EJS](https://www.npmjs.com/package/ejs), among others. +The [Express application generator](/en/4x/starter/generator) uses [Pug](https://pugjs.org/api/getting-started.html) as its default, but it also supports [Handlebars](https://www.npmjs.com/package/handlebars), and [EJS](https://www.npmjs.com/package/ejs), among others. -To render template files, set the following [application setting properties](../../api/application/#appsetname-value), in the default `app.js` created by the generator: +To render template files, set the following [application setting properties](/en/4x/api/application/#appsetname-value), in the default `app.js` created by the generator: - `views`, the directory where the template files are located. Eg: `app.set('views', './views')`. This defaults to the `views` directory in the application root directory. diff --git a/src/content/docs/en/4x/guide/writing-middleware.mdx b/src/content/docs/en/4x/guide/writing-middleware.mdx index 0b797e3fa3..e518361e8e 100644 --- a/src/content/docs/en/4x/guide/writing-middleware.mdx +++ b/src/content/docs/en/4x/guide/writing-middleware.mdx @@ -5,7 +5,7 @@ description: Learn how to write custom middleware functions for Express.js appli import Alert from '@components/primitives/Alert/Alert.astro'; -_Middleware_ functions are functions that have access to the [request object](../../api/request) (`req`), the [response object](../../api/response) (`res`), and the `next` function in the application's request-response cycle. The `next` function is a function in the Express router which, when invoked, executes the middleware succeeding the current middleware. +_Middleware_ functions are functions that have access to the [request object](/en/4x/api/request) (`req`), the [response object](/en/4x/api/response) (`res`), and the `next` function in the application's request-response cycle. The `next` function is a function in the Express router which, when invoked, executes the middleware succeeding the current middleware. Middleware functions can perform the following tasks: @@ -39,11 +39,11 @@ The following figure shows the elements of a middleware function call:
- HTTP [response](../../api/response) argument to the middleware function, called "res" by + HTTP [response](/en/4x/api/response) argument to the middleware function, called "res" by convention.
-
HTTP [request](../../api/request) argument to the middleware function, called "req" by convention.
+
HTTP [request](/en/4x/api/request) argument to the middleware function, called "req" by convention.
@@ -171,7 +171,7 @@ async function cookieValidator(cookies) { } ``` -Here, we use the [`cookie-parser`](../../../resources/middleware/cookie-parser) middleware to parse incoming cookies off the `req` object and pass them to our `cookieValidator` function. The `validateCookies` middleware returns a Promise that upon rejection will automatically trigger our error handler. +Here, we use the [`cookie-parser`](/en/resources/middleware/cookie-parser) middleware to parse incoming cookies off the `req` object and pass them to our `cookieValidator` function. The `validateCookies` middleware returns a Promise that upon rejection will automatically trigger our error handler. ```js const express = require('express'); @@ -209,7 +209,7 @@ functions. Because you have access to the request object, the response object, the next middleware function in the stack, and the whole Node.js API, the possibilities with middleware functions are endless. -For more information about Express middleware, see: [Using Express middleware](../using-middleware). +For more information about Express middleware, see: [Using Express middleware](/en/4x/guide/using-middleware). ## Configurable middleware diff --git a/src/content/docs/en/4x/starter/basic-routing.mdx b/src/content/docs/en/4x/starter/basic-routing.mdx index 6d4768513d..4dd55eb46e 100644 --- a/src/content/docs/en/4x/starter/basic-routing.mdx +++ b/src/content/docs/en/4x/starter/basic-routing.mdx @@ -26,7 +26,7 @@ Where: This tutorial assumes that an instance of `express` named `app` is created and the server is running. If you are not familiar with creating an app and starting it, see the [Hello world -example](../hello-world). +example](/en/4x/starter/hello-world). @@ -64,4 +64,4 @@ app.delete('/user', (req, res) => { }); ``` -For more details about routing, see the [routing guide](../../guide/routing). +For more details about routing, see the [routing guide](/en/4x/guide/routing). diff --git a/src/content/docs/en/4x/starter/faq.md b/src/content/docs/en/4x/starter/faq.md index 17175a1f8c..914586dd74 100755 --- a/src/content/docs/en/4x/starter/faq.md +++ b/src/content/docs/en/4x/starter/faq.md @@ -42,7 +42,7 @@ To normalize template engine interfaces and caching, see the [consolidate.js](https://github.com/visionmedia/consolidate.js) project for support. Unlisted template engines might still support the Express signature. -For more information, see [Using template engines with Express](../../guide/using-template-engines). +For more information, see [Using template engines with Express](/en/4x/guide/using-template-engines). ## How do I handle 404 responses? @@ -75,7 +75,7 @@ app.use((err, req, res, next) => { }); ``` -For more information, see [Error handling](../../guide/error-handling). +For more information, see [Error handling](/en/4x/guide/error-handling). ## How do I render plain HTML? @@ -86,5 +86,5 @@ middleware function. ## What version of Node.js does Express require? -- [Express 4.x](../../../4x/api) requires Node.js 0.10 or higher. -- [Express 5.x](../../../5x/api) requires Node.js 18 or higher. +- [Express 4.x](/en/4x/api) requires Node.js 0.10 or higher. +- [Express 5.x](/en/5x/api) requires Node.js 18 or higher. diff --git a/src/content/docs/en/4x/starter/hello-world.mdx b/src/content/docs/en/4x/starter/hello-world.mdx index 3ba6fb1fec..96fe449f10 100644 --- a/src/content/docs/en/4x/starter/hello-world.mdx +++ b/src/content/docs/en/4x/starter/hello-world.mdx @@ -8,7 +8,7 @@ import Alert from '@components/primitives/Alert/Alert.astro'; Embedded below is essentially the simplest Express app you can create. It is a single file app -— _not_ what you'd get if you use the [Express generator](../generator), which +— _not_ what you'd get if you use the [Express generator](/en/4x/starter/generator), which creates the scaffolding for a full app with numerous JavaScript files, Jade templates, and sub-directories for various purposes. @@ -33,7 +33,7 @@ to the root URL (`/`) or _route_. For every other path, it will respond with a * ## Running Locally -First create a directory named `myapp`, change to it and run `npm init`. Then, install `express` as a dependency, as per the [installation guide](../installing). +First create a directory named `myapp`, change to it and run `npm init`. Then, install `express` as a dependency, as per the [installation guide](/en/4x/starter/installing). In the `myapp` directory, create a file named `app.js` and copy the code from the example above. diff --git a/src/content/docs/en/4x/starter/static-files.mdx b/src/content/docs/en/4x/starter/static-files.mdx index 2506633eea..a5b8382f1d 100644 --- a/src/content/docs/en/4x/starter/static-files.mdx +++ b/src/content/docs/en/4x/starter/static-files.mdx @@ -14,7 +14,7 @@ express.static(root, [options]); ``` The `root` argument specifies the root directory from which to serve static assets. -For more information on the `options` argument, see [express.static](../../api/express/#expressstaticroot-options). +For more information on the `options` argument, see [express.static](/en/4x/api/express/#expressstaticroot-options). For example, use the following code to serve images, CSS files, and JavaScript files in a directory named `public`: @@ -51,12 +51,12 @@ Express looks up the files in the order in which you set the static directories For best results, [use a reverse -proxy](../../../advanced/best-practice-performance/#use-a-reverse-proxy) cache to improve performance of +proxy](/en/advanced/best-practice-performance/#use-a-reverse-proxy) cache to improve performance of serving static assets. -To create a virtual path prefix (where the path does not actually exist in the file system) for files that are served by the `express.static` function, [specify a mount path](../../api/application/#appusepath-callback--callback) for the static directory, as shown below: +To create a virtual path prefix (where the path does not actually exist in the file system) for files that are served by the `express.static` function, [specify a mount path](/en/4x/api/application/#appusepath-callback--callback) for the static directory, as shown below: ```js app.use('/static', express.static('public')); @@ -79,4 +79,4 @@ const path = require('path'); app.use('/static', express.static(path.join(__dirname, 'public'))); ``` -For more details about the `serve-static` function and its options, see [serve-static](../../../resources/middleware/serve-static). +For more details about the `serve-static` function and its options, see [serve-static](/en/resources/middleware/serve-static). diff --git a/src/content/docs/en/5x/guide/behind-proxies.mdx b/src/content/docs/en/5x/guide/behind-proxies.mdx index 414424983a..9ac7b8b334 100644 --- a/src/content/docs/en/5x/guide/behind-proxies.mdx +++ b/src/content/docs/en/5x/guide/behind-proxies.mdx @@ -86,17 +86,18 @@ Enabling `trust proxy` will have the following impact:
  • - The value of [req.hostname](../../api/request/#reqhostname) is derived from the value set in the - `X-Forwarded-Host` header, which can be set by the client or by the proxy. + The value of [req.hostname](/en/5x/api/request/#reqhostname) is derived from the value set in + the `X-Forwarded-Host` header, which can be set by the client or by the proxy.
  • `X-Forwarded-Proto` can be set by the reverse proxy to tell the app whether it is `https` or `http` or even an invalid name. This value is reflected by - [req.protocol](../../api/request/#reqprotocol). + [req.protocol](/en/5x/api/request/#reqprotocol).
  • - The [req.ip](/en/api#req.ip) and [req.ips](../../api/request/#reqips) values are populated based - on the socket address and `X-Forwarded-For` header, starting at the first untrusted address. + The [req.ip](/en/5x/api/request/#reqip) and [req.ips](/en/5x/api/request/#reqips) values are + populated based on the socket address and `X-Forwarded-For` header, starting at the first + untrusted address.
diff --git a/src/content/docs/en/5x/guide/debugging.mdx b/src/content/docs/en/5x/guide/debugging.mdx index 4a5e74d9bb..27cd94096c 100644 --- a/src/content/docs/en/5x/guide/debugging.mdx +++ b/src/content/docs/en/5x/guide/debugging.mdx @@ -18,7 +18,7 @@ On Windows, use the corresponding command. > $env:DEBUG = "express:*"; node index.js ``` -Running this command on the default app generated by the [express generator](../../starter/generator) prints the following output: +Running this command on the default app generated by the [express generator](/en/5x/starter/generator) prints the following output: ```bash $ DEBUG=express:* node ./bin/www diff --git a/src/content/docs/en/5x/guide/error-handling.mdx b/src/content/docs/en/5x/guide/error-handling.mdx index 5dde6bd69a..e34218f841 100644 --- a/src/content/docs/en/5x/guide/error-handling.mdx +++ b/src/content/docs/en/5x/guide/error-handling.mdx @@ -190,7 +190,7 @@ function errorHandler(err, req, res, next) { Note that the default error handler can get triggered if you call `next()` with an error in your code more than once, even if custom error handling middleware is in place. -Other error handling middleware can be found at [Express middleware](../../../resources/middleware). +Other error handling middleware can be found at [Express middleware](/en/resources/middleware). ## Writing error handlers diff --git a/src/content/docs/en/5x/guide/overriding-express-api.md b/src/content/docs/en/5x/guide/overriding-express-api.md index 349d20011c..35e4431ff2 100644 --- a/src/content/docs/en/5x/guide/overriding-express-api.md +++ b/src/content/docs/en/5x/guide/overriding-express-api.md @@ -14,7 +14,7 @@ Altering the global prototypes will affect all loaded Express apps in the same p You can override the signature and behavior of existing methods with your own, by assigning a custom function. -Following is an example of overriding the behavior of [res.sendStatus](../../api/response/#ressendstatusstatuscode). +Following is an example of overriding the behavior of [res.sendStatus](/en/5x/api/response/#ressendstatusstatuscode). ```js app.response.sendStatus = function (statusCode, type, message) { diff --git a/src/content/docs/en/5x/guide/routing.mdx b/src/content/docs/en/5x/guide/routing.mdx index 8dca5eb4c3..14755ed2d7 100644 --- a/src/content/docs/en/5x/guide/routing.mdx +++ b/src/content/docs/en/5x/guide/routing.mdx @@ -6,12 +6,12 @@ description: Learn how to define and use routes in Express.js applications, incl import Alert from '@components/primitives/Alert/Alert.astro'; _Routing_ refers to how an application's endpoints (URIs) respond to client requests. -For an introduction to routing, see [Basic routing](../../starter/basic-routing). +For an introduction to routing, see [Basic routing](/en/5x/starter/basic-routing). You define routing using methods of the Express `app` object that correspond to HTTP methods; for example, `app.get()` to handle GET requests and `app.post` to handle POST requests. For a full list, -see [app.METHOD](../../api/application#appmethodpath-callback--callback-). You can also use [app.all()](../../api/application#appallpath-callback--callback-) to handle all HTTP methods and [app.use()](../../api/application#appusepath-callback--callback) to -specify middleware as the callback function (See [Using middleware](../using-middleware) for details). +see [app.METHOD](/en/5x/api/application#appmethodpath-callback--callback-). You can also use [app.all()](/en/5x/api/application#appallpath-callback--callback-) to handle all HTTP methods and [app.use()](/en/5x/api/application#appusepath-callback--callback) to +specify middleware as the callback function (See [Using middleware](/en/5x/guide/using-middleware) for details). These routing methods specify a callback function (sometimes called "handler functions") called when the application receives a request to the specified route (endpoint) and HTTP method. In other words, the application "listens" for requests that match the specified route(s) and method(s), and when it detects a match, it calls the specified callback function. @@ -50,7 +50,7 @@ app.post('/', (req, res) => { ``` Express supports methods that correspond to all HTTP request methods: `get`, `post`, and so on. -For a full list, see [app.METHOD](../../api/application#appmethodpath-callback--callback-). +For a full list, see [app.METHOD](/en/5x/api/application#appmethodpath-callback--callback-). There is a special routing method, `app.all()`, used to load middleware functions at a path for _all_ HTTP request methods. For example, the following handler is executed for requests to the route `"/secret"` whether using `GET`, `POST`, `PUT`, `DELETE`, or any other HTTP request method supported in the [http module](https://nodejs.org/api/http.html#http_http_methods). @@ -191,13 +191,13 @@ req.params: { "genus": "Prunus", "species": "persica" } Regexp characters are not supported in route paths. Use an array of paths or regular expressions instead. -See the [path route matching syntax](../../../guide/migrating-5#path-route-matching-syntax) for more information. +See the [path route matching syntax](/en/guide/migrating-5#path-route-matching-syntax) for more information. ## Route handlers -You can provide multiple callback functions that behave like [middleware](../using-middleware) to handle a request. The only exception is that these callbacks might invoke `next('route')` to bypass the remaining route callbacks. You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there's no reason to proceed with the current route. +You can provide multiple callback functions that behave like [middleware](/en/5x/guide/using-middleware) to handle a request. The only exception is that these callbacks might invoke `next('route')` to bypass the remaining route callbacks. You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there's no reason to proceed with the current route. ```js app.get('/user/:id', (req, res, next) => { @@ -292,22 +292,22 @@ app.get( The methods on the response object (`res`) in the following table can send a response to the client, and terminate the request-response cycle. If none of these methods are called from a route handler, the client request will be left hanging. -| Method | Description | -| --------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- | -| [res.download()](../../api/response#resdownloadpath--filename--options--fn) | Prompt a file to be downloaded. | -| [res.end()](../../api/response#resenddata-encoding-callback) | End the response process. | -| [res.json()](../../api/response#resjsonbody) | Send a JSON response. | -| [res.jsonp()](../../api/response#resjsonpbody) | Send a JSON response with JSONP support. | -| [res.redirect()](../../api/response#resredirectstatus-path) | Redirect a request. | -| [res.render()](../../api/response#resrenderview--locals--callback) | Render a view template. | -| [res.send()](../../api/response#ressendbody) | Send a response of various types. | -| [res.sendFile()](../../api/response#ressendfilepath--options--fn) | Send a file as an octet stream. | -| [res.sendStatus()](../../api/response#ressendstatusstatuscode) | Set the response status code and send its string representation as the response body. | +| Method | Description | +| ---------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- | +| [res.download()](/en/5x/api/response#resdownloadpath--filename--options--fn) | Prompt a file to be downloaded. | +| [res.end()](/en/5x/api/response#resenddata-encoding-callback) | End the response process. | +| [res.json()](/en/5x/api/response#resjsonbody) | Send a JSON response. | +| [res.jsonp()](/en/5x/api/response#resjsonpbody) | Send a JSON response with JSONP support. | +| [res.redirect()](/en/5x/api/response#resredirectstatus-path) | Redirect a request. | +| [res.render()](/en/5x/api/response#resrenderview--locals--callback) | Render a view template. | +| [res.send()](/en/5x/api/response#ressendbody) | Send a response of various types. | +| [res.sendFile()](/en/5x/api/response#ressendfilepath--options--fn) | Send a file as an octet stream. | +| [res.sendStatus()](/en/5x/api/response#ressendstatusstatuscode) | Set the response status code and send its string representation as the response body. | ## app.route() You can create chainable route handlers for a route path by using `app.route()`. -Because the path is specified at a single location, creating modular routes is helpful, as is reducing redundancy and typos. For more information about routes, see: [Router() documentation](../../api/router). +Because the path is specified at a single location, creating modular routes is helpful, as is reducing redundancy and typos. For more information about routes, see: [Router() documentation](/en/5x/api/router). Here is an example of chained route handlers that are defined by using `app.route()`. @@ -368,7 +368,7 @@ app.use('/birds', birds); The app will now be able to handle requests to `/birds` and `/birds/about`, as well as call the `timeLog` middleware function that is specific to the route. -But if the parent route `/birds` has path parameters, it will not be accessible by default from the sub-routes. To make it accessible, you will need to pass the `mergeParams` option to the Router constructor [reference](../../api/application#appusepath-callback--callback). +But if the parent route `/birds` has path parameters, it will not be accessible by default from the sub-routes. To make it accessible, you will need to pass the `mergeParams` option to the Router constructor [reference](/en/5x/api/application#appusepath-callback--callback). ```js const router = express.Router({ mergeParams: true }); diff --git a/src/content/docs/en/5x/guide/using-middleware.mdx b/src/content/docs/en/5x/guide/using-middleware.mdx index b5a1a6796d..5bf5722b66 100644 --- a/src/content/docs/en/5x/guide/using-middleware.mdx +++ b/src/content/docs/en/5x/guide/using-middleware.mdx @@ -7,7 +7,7 @@ import Alert from '@components/primitives/Alert/Alert.astro'; Express is a routing and middleware web framework that has minimal functionality of its own: An Express application is essentially a series of middleware function calls. -_Middleware_ functions are functions that have access to the [request object](../../api/request) (`req`), the [response object](../../api/response) (`res`), and the next middleware function in the application's request-response cycle. The next middleware function is commonly denoted by a variable named `next`. +_Middleware_ functions are functions that have access to the [request object](/en/5x/api/request) (`req`), the [response object](/en/5x/api/response) (`res`), and the next middleware function in the application's request-response cycle. The next middleware function is commonly denoted by a variable named `next`. Middleware functions can perform the following tasks: @@ -31,7 +31,7 @@ You can also load a series of middleware functions together, which creates a sub ## Application-level middleware -Bind application-level middleware to an instance of the [app object](../../api/application) by using the `app.use()` and `app.METHOD()` functions, where `METHOD` is the HTTP method of the request that the middleware function handles (such as GET, PUT, or POST) in lowercase. +Bind application-level middleware to an instance of the [app object](/en/5x/api/application) by using the `app.use()` and `app.METHOD()` functions, where `METHOD` is the HTTP method of the request that the middleware function handles (such as GET, PUT, or POST) in lowercase. This example shows a middleware function with no mount path. The function is executed every time the app receives a request. @@ -262,7 +262,7 @@ app.use((err, req, res, next) => { }); ``` -For details about error-handling middleware, see: [Error handling](../error-handling). +For details about error-handling middleware, see: [Error handling](/en/5x/guide/error-handling). ## Built-in middleware @@ -271,9 +271,9 @@ functions that were previously included with Express are now in separate modules Express has the following built-in middleware functions: -- [express.static](../../api/express/#expressstaticroot-options) serves static assets such as HTML files, images, and so on. -- [express.json](../../api/express/#expressjsonoptions) parses incoming requests with JSON payloads. **NOTE: Available with Express 4.16.0+** -- [express.urlencoded](../../api/express/#expressurlencodedoptions) parses incoming requests with URL-encoded payloads. **NOTE: Available with Express 4.16.0+** +- [express.static](/en/5x/api/express/#expressstaticroot-options) serves static assets such as HTML files, images, and so on. +- [express.json](/en/5x/api/express/#expressjsonoptions) parses incoming requests with JSON payloads. **NOTE: Available with Express 4.16.0+** +- [express.urlencoded](/en/5x/api/express/#expressurlencodedoptions) parses incoming requests with URL-encoded payloads. **NOTE: Available with Express 4.16.0+** ## Third-party middleware @@ -296,4 +296,4 @@ const cookieParser = require('cookie-parser'); app.use(cookieParser()); ``` -For a partial list of third-party middleware functions that are commonly used with Express, see: [Third-party middleware](../../../resources/middleware). +For a partial list of third-party middleware functions that are commonly used with Express, see: [Third-party middleware](/en/resources/middleware). diff --git a/src/content/docs/en/5x/guide/using-template-engines.mdx b/src/content/docs/en/5x/guide/using-template-engines.mdx index 7c70645ffd..cee43c2c32 100644 --- a/src/content/docs/en/5x/guide/using-template-engines.mdx +++ b/src/content/docs/en/5x/guide/using-template-engines.mdx @@ -9,9 +9,9 @@ A _template engine_ enables you to use static template files in your application variables in a template file with actual values, and transforms the template into an HTML file sent to the client. This approach makes it easier to design an HTML page. -The [Express application generator](../../starter/generator) uses [Pug](https://pugjs.org/api/getting-started.html) as its default, but it also supports [Handlebars](https://www.npmjs.com/package/handlebars), and [EJS](https://www.npmjs.com/package/ejs), among others. +The [Express application generator](/en/5x/starter/generator) uses [Pug](https://pugjs.org/api/getting-started.html) as its default, but it also supports [Handlebars](https://www.npmjs.com/package/handlebars), and [EJS](https://www.npmjs.com/package/ejs), among others. -To render template files, set the following [application setting properties](../../api/application/#appsetname-value), in the default `app.js` created by the generator: +To render template files, set the following [application setting properties](/en/5x/api/application/#appsetname-value), in the default `app.js` created by the generator: - `views`, the directory where the template files are located. Eg: `app.set('views', './views')`. This defaults to the `views` directory in the application root directory. diff --git a/src/content/docs/en/5x/guide/writing-middleware.mdx b/src/content/docs/en/5x/guide/writing-middleware.mdx index 054c6e6cb5..e7c411fce7 100644 --- a/src/content/docs/en/5x/guide/writing-middleware.mdx +++ b/src/content/docs/en/5x/guide/writing-middleware.mdx @@ -5,7 +5,7 @@ description: Learn how to write custom middleware functions for Express.js appli import Alert from '@components/primitives/Alert/Alert.astro'; -_Middleware_ functions are functions that have access to the [request object](../../api/request) (`req`), the [response object](../../api/response) (`res`), and the `next` function in the application's request-response cycle. The `next` function is a function in the Express router which, when invoked, executes the middleware succeeding the current middleware. +_Middleware_ functions are functions that have access to the [request object](/en/5x/api/request) (`req`), the [response object](/en/5x/api/response) (`res`), and the `next` function in the application's request-response cycle. The `next` function is a function in the Express router which, when invoked, executes the middleware succeeding the current middleware. Middleware functions can perform the following tasks: @@ -143,7 +143,7 @@ async function cookieValidator(cookies) { } ``` -Here, we use the [`cookie-parser`](../../../resources/middleware/cookie-parser) middleware to parse incoming cookies off the `req` object and pass them to our `cookieValidator` function. The `validateCookies` middleware returns a Promise that upon rejection will automatically trigger our error handler. +Here, we use the [`cookie-parser`](/en/resources/middleware/cookie-parser) middleware to parse incoming cookies off the `req` object and pass them to our `cookieValidator` function. The `validateCookies` middleware returns a Promise that upon rejection will automatically trigger our error handler. ```js const express = require('express'); @@ -181,7 +181,7 @@ functions. Because you have access to the request object, the response object, the next middleware function in the stack, and the whole Node.js API, the possibilities with middleware functions are endless. -For more information about Express middleware, see: [Using Express middleware](../using-middleware). +For more information about Express middleware, see: [Using Express middleware](/en/5x/guide/using-middleware). ## Configurable middleware diff --git a/src/content/docs/en/5x/starter/basic-routing.mdx b/src/content/docs/en/5x/starter/basic-routing.mdx index 6d4768513d..b496725fe6 100644 --- a/src/content/docs/en/5x/starter/basic-routing.mdx +++ b/src/content/docs/en/5x/starter/basic-routing.mdx @@ -26,7 +26,7 @@ Where: This tutorial assumes that an instance of `express` named `app` is created and the server is running. If you are not familiar with creating an app and starting it, see the [Hello world -example](../hello-world). +example](/en/5x/starter/hello-world). @@ -64,4 +64,4 @@ app.delete('/user', (req, res) => { }); ``` -For more details about routing, see the [routing guide](../../guide/routing). +For more details about routing, see the [routing guide](/en/5x/guide/routing). diff --git a/src/content/docs/en/5x/starter/faq.md b/src/content/docs/en/5x/starter/faq.md index 5b0339691e..7aa8cd8cc7 100755 --- a/src/content/docs/en/5x/starter/faq.md +++ b/src/content/docs/en/5x/starter/faq.md @@ -42,7 +42,7 @@ To normalize template engine interfaces and caching, see the [consolidate.js](https://github.com/visionmedia/consolidate.js) project for support. Unlisted template engines might still support the Express signature. -For more information, see [Using template engines with Express](../../guide/using-template-engines). +For more information, see [Using template engines with Express](/en/5x/guide/using-template-engines). ## How do I handle 404 responses? @@ -75,7 +75,7 @@ app.use((err, req, res, next) => { }); ``` -For more information, see [Error handling](../../guide/error-handling). +For more information, see [Error handling](/en/5x/guide/error-handling). ## How do I render plain HTML? @@ -86,5 +86,5 @@ middleware function. ## What version of Node.js does Express require? -- [Express 4.x](../../../4x/api) requires Node.js 0.10 or higher. -- [Express 5.x](../../../5x/api) requires Node.js 18 or higher. +- [Express 4.x](/en/4x/api) requires Node.js 0.10 or higher. +- [Express 5.x](/en/5x/api) requires Node.js 18 or higher. diff --git a/src/content/docs/en/5x/starter/hello-world.mdx b/src/content/docs/en/5x/starter/hello-world.mdx index 3ba6fb1fec..82bb890374 100644 --- a/src/content/docs/en/5x/starter/hello-world.mdx +++ b/src/content/docs/en/5x/starter/hello-world.mdx @@ -8,7 +8,7 @@ import Alert from '@components/primitives/Alert/Alert.astro'; Embedded below is essentially the simplest Express app you can create. It is a single file app -— _not_ what you'd get if you use the [Express generator](../generator), which +— _not_ what you'd get if you use the [Express generator](/en/5x/starter/generator), which creates the scaffolding for a full app with numerous JavaScript files, Jade templates, and sub-directories for various purposes. @@ -33,7 +33,7 @@ to the root URL (`/`) or _route_. For every other path, it will respond with a * ## Running Locally -First create a directory named `myapp`, change to it and run `npm init`. Then, install `express` as a dependency, as per the [installation guide](../installing). +First create a directory named `myapp`, change to it and run `npm init`. Then, install `express` as a dependency, as per the [installation guide](/en/5x/starter/installing). In the `myapp` directory, create a file named `app.js` and copy the code from the example above. diff --git a/src/content/docs/en/5x/starter/static-files.mdx b/src/content/docs/en/5x/starter/static-files.mdx index 2506633eea..c594347e99 100644 --- a/src/content/docs/en/5x/starter/static-files.mdx +++ b/src/content/docs/en/5x/starter/static-files.mdx @@ -14,7 +14,7 @@ express.static(root, [options]); ``` The `root` argument specifies the root directory from which to serve static assets. -For more information on the `options` argument, see [express.static](../../api/express/#expressstaticroot-options). +For more information on the `options` argument, see [express.static](/en/5x/api/express/#expressstaticroot-options). For example, use the following code to serve images, CSS files, and JavaScript files in a directory named `public`: @@ -51,12 +51,12 @@ Express looks up the files in the order in which you set the static directories For best results, [use a reverse -proxy](../../../advanced/best-practice-performance/#use-a-reverse-proxy) cache to improve performance of +proxy](/en/advanced/best-practice-performance/#use-a-reverse-proxy) cache to improve performance of serving static assets. -To create a virtual path prefix (where the path does not actually exist in the file system) for files that are served by the `express.static` function, [specify a mount path](../../api/application/#appusepath-callback--callback) for the static directory, as shown below: +To create a virtual path prefix (where the path does not actually exist in the file system) for files that are served by the `express.static` function, [specify a mount path](/en/5x/api/application/#appusepath-callback--callback) for the static directory, as shown below: ```js app.use('/static', express.static('public')); @@ -79,4 +79,4 @@ const path = require('path'); app.use('/static', express.static(path.join(__dirname, 'public'))); ``` -For more details about the `serve-static` function and its options, see [serve-static](../../../resources/middleware/serve-static). +For more details about the `serve-static` function and its options, see [serve-static](/en/resources/middleware/serve-static). diff --git a/src/content/pages/en/advanced/best-practice-security.mdx b/src/content/pages/en/advanced/best-practice-security.mdx index a11c84d4c5..b648275ad1 100644 --- a/src/content/pages/en/advanced/best-practice-security.mdx +++ b/src/content/pages/en/advanced/best-practice-security.mdx @@ -34,9 +34,9 @@ Security best practices for Express applications in production include: ## Don't use deprecated or vulnerable versions of Express -Express 2.x and 3.x are no longer maintained. Security and performance issues in these versions won't be fixed. Do not use them! If you haven't moved to version 4, follow the [migration guide](../../guide/migrating-4) or consider [Commercial Support Options](../../support#commercial-support-options). +Express 2.x and 3.x are no longer maintained. Security and performance issues in these versions won't be fixed. Do not use them! If you haven't moved to version 4, follow the [migration guide](/en/guide/migrating-4) or consider [Commercial Support Options](/en/support#commercial-support-options). -Also ensure you are not using any of the vulnerable Express versions listed on the [Security updates page](../security-updates). If you are, update to one of the stable releases, preferably the latest. +Also ensure you are not using any of the vulnerable Express versions listed on the [Security updates page](/en/advanced/security-updates). If you are, update to one of the stable releases, preferably the latest. ## Use TLS diff --git a/src/content/pages/en/advanced/security-updates.mdx b/src/content/pages/en/advanced/security-updates.mdx index a8e4f2451b..38321df957 100644 --- a/src/content/pages/en/advanced/security-updates.mdx +++ b/src/content/pages/en/advanced/security-updates.mdx @@ -18,7 +18,7 @@ The list below enumerates the Express vulnerabilities that were fixed in the spe If you believe you have discovered a security vulnerability in Express, please see [Security -Policies and Procedures](../../resources/contributing#security-policies-and-procedures). +Policies and Procedures](/en/resources/contributing#security-policies-and-procedures). diff --git a/src/content/pages/en/guide/migrating-4.mdx b/src/content/pages/en/guide/migrating-4.mdx index fcfe6415c7..0d34c390ee 100644 --- a/src/content/pages/en/guide/migrating-4.mdx +++ b/src/content/pages/en/guide/migrating-4.mdx @@ -204,7 +204,7 @@ new features to help organize your routes: The new `app.route()` method enables you to create chainable route handlers for a route path. Because the path is specified in a single location, creating modular routes is helpful, as is reducing redundancy and typos. For more -information about routes, see [`Router()` documentation](../../4x/api/router/). +information about routes, see [`Router()` documentation](/en/4x/api/router/). Here is an example of chained route handlers that are defined by using the `app.route()` function. diff --git a/src/content/pages/en/guide/migrating-5.mdx b/src/content/pages/en/guide/migrating-5.mdx index ee89fed472..6ed27d0f1e 100644 --- a/src/content/pages/en/guide/migrating-5.mdx +++ b/src/content/pages/en/guide/migrating-5.mdx @@ -103,7 +103,7 @@ Or you can update your code manually: A leading colon character (:) in the name for the `app.param(name, fn)` function is a remnant of Express 3, and for the sake of backwards compatibility, Express 4 supported it with a deprecation notice. Express 5 will silently ignore it and use the name parameter without prefixing it with a colon. -This should not affect your code if you follow the Express 4 documentation of [app.param](../../4x/api/application/#appparamname-callback), as it makes no mention of the leading colon. +This should not affect your code if you follow the Express 4 documentation of [app.param](/en/4x/api/application/#appparamname-callback), as it makes no mention of the leading colon. ### req.param(name) @@ -404,7 +404,7 @@ Path route matching syntax is when a string is supplied as the first parameter t Request middleware and handlers that return rejected promises are now handled by forwarding the rejected value as an `Error` to the error handling middleware. This means that using `async` functions as middleware and handlers are easier than ever. When an error is thrown in an `async` function or a rejected promise is `await`ed inside an async function, those errors will be passed to the error handler as if calling `next(err)`. -Details of how Express handles errors is covered in the [error handling documentation](../../5x/guide/error-handling). +Details of how Express handles errors is covered in the [error handling documentation](/en/5x/guide/error-handling). #### How to update diff --git a/src/content/pages/en/resources/community.mdx b/src/content/pages/en/resources/community.mdx index 27e2eb9163..e54509fdf7 100755 --- a/src/content/pages/en/resources/community.mdx +++ b/src/content/pages/en/resources/community.mdx @@ -38,11 +38,11 @@ Members of the Express technical committee are: ## Express is made of many modules Our vibrant community has created a large variety of extensions, -[middleware modules](../middleware) and higher-level frameworks. +[middleware modules](/en/resources/middleware) and higher-level frameworks. Additionally, the Express community maintains modules in these two GitHub orgs: -- [jshttp](https://github.com/jshttp) modules providing useful utility functions; see [Utility modules](../utils). +- [jshttp](https://github.com/jshttp) modules providing useful utility functions; see [Utility modules](/en/resources/utils/). - [pillarjs](https://github.com/pillarjs): low-level modules that Express uses internally. To keep up with what is going on in the whole community, check out the [ExpressJS StatusBoard](https://expressjs.github.io/statusboard/). diff --git a/src/content/pages/en/resources/contributing.mdx b/src/content/pages/en/resources/contributing.mdx index e3b292a74a..6e83079c25 100644 --- a/src/content/pages/en/resources/contributing.mdx +++ b/src/content/pages/en/resources/contributing.mdx @@ -9,7 +9,7 @@ Express is an [OpenJS Foundation](https://openjsf.org/) project spread across th ## Technical committee -The Express technical committee consists of active project members, and guides development and maintenance of the Express project. For more information, see [Express Community - Technical committee](../community/#technical-committee). +The Express technical committee consists of active project members, and guides development and maintenance of the Express project. For more information, see [Express Community - Technical committee](/en/resources/community/#technical-committee). ## Community contributing guide diff --git a/src/content/pages/en/resources/glossary.mdx b/src/content/pages/en/resources/glossary.mdx index 2bb348af2a..3050aaf011 100644 --- a/src/content/pages/en/resources/glossary.mdx +++ b/src/content/pages/en/resources/glossary.mdx @@ -7,7 +7,7 @@ import Alert from '@components/primitives/Alert/Alert.astro'; ## application -In general, one or more programs that are designed to carry out operations for a specific purpose. In the context of Express, a program that uses the Express API running on the Node.js platform. Might also refer to an [app object](../../api/express). +In general, one or more programs that are designed to carry out operations for a specific purpose. In the context of Express, a program that uses the Express API running on the Node.js platform. Might also refer to an [app object](/en/api/express). ## API @@ -58,4 +58,4 @@ Part of a URL that identifies a resource. For example, in `http://foo.com/produc ## router -See [router](../../api/router) in the API reference. +See [router](/en/api/router) in the API reference. diff --git a/src/content/pages/en/support.md b/src/content/pages/en/support.md index 3c5cec7e69..ad62dfb933 100644 --- a/src/content/pages/en/support.md +++ b/src/content/pages/en/support.md @@ -7,14 +7,14 @@ Only the latest version of any given major release line is supported. Versions that are EOL (end-of-life) _may_ receive updates for critical security vulnerabilities, but the Express team offers no guarantee and does not plan to address or release fixes for any issues found. -| Major Version | Minimum Node.js Version | Support Start Date | Support End Date | -| --------------------- | ----------------------- | ------------------ | ---------------- | -| [**v5.x**](../5x/api) | 18 | September 2024 | **ongoing** | -| [**v4.x**](../4x/api) | 0.10.0 | April 2014 | **ongoing** | -| [**v3.x**](../3x/api) | 0.8.0 | October 2012 | July 2015 | -| [**v2.x**](/2x/) | 0.4.1 | March 2011 | July 2012 | -| **v1.x** | 0.2.0 | December 2010 | March 2011 | -| **v0.14.x** | 0.1.98 | December 2010 | December 2010 | +| Major Version | Minimum Node.js Version | Support Start Date | Support End Date | +| -------------------------------------------------------------- | ----------------------- | ------------------ | ---------------- | +| [**v5.x**](/en/5x/api) | 18 | September 2024 | **ongoing** | +| [**v4.x**](/en/4x/api) | 0.10.0 | April 2014 | **ongoing** | +| [**v3.x**](/en/3x/api) | 0.8.0 | October 2012 | July 2015 | +| [**v2.x**](https://github.com/expressjs/expressjs.com/tree/2x) | 0.4.1 | March 2011 | July 2012 | +| **v1.x** | 0.2.0 | December 2010 | March 2011 | +| **v0.14.x** | 0.1.98 | December 2010 | December 2010 | ## Commercial Support Options From 12e6cc90eb22d0af882f7b5e9beb010b8ba6b0cb Mon Sep 17 00:00:00 2001 From: krzysdz Date: Fri, 29 May 2026 11:55:42 +0200 Subject: [PATCH 10/16] Exclude loopback addresses from link checker One of the guide pages (migrating to Express 4) linked to localhost, so that it would be easier for people to open their website and check if it works --- .github/workflows/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 35c2fb19b1..54561f95a0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -96,6 +96,7 @@ jobs: --exclude-path dist/llms.txt --exclude-path dist/llms/ --exclude-private + --exclude-loopback --remap "https://expressjs\.com\/((?:[^\/]+\/)*[^\/\.]+)\/?$ file://$PWD/dist/\$1/index.html" --remap "https://expressjs\.com\/(.*\.html)$ file://$PWD/dist/\$1" dist/ From 238489dfcfee18a5fdafb3cb532bbb95176936bc Mon Sep 17 00:00:00 2001 From: krzysdz Date: Fri, 29 May 2026 12:41:11 +0200 Subject: [PATCH 11/16] link checker: ignore LinkedIn profile links --- .lycheeignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.lycheeignore b/.lycheeignore index ade1f4dc40..066f81460a 100644 --- a/.lycheeignore +++ b/.lycheeignore @@ -23,6 +23,8 @@ https://coveralls.io/-* # Prevent LinkedIn rate limit https://www.linkedin.com/sharing/share-offsite/.* +# LinkedIn profiles that exist return 404 if not logged in, but it's also easy to hit a rate limit +https://www.linkedin.com/in/ # Ignore slack invite 403 (this will cause us to miss link invite expiration too) https://slack-invite.openjsf.org/ From 39fb1cc0730f5e3a08bf0a83c8fa8e795c4e6540 Mon Sep 17 00:00:00 2001 From: krzysdz Date: Fri, 29 May 2026 13:31:57 +0200 Subject: [PATCH 12/16] Change regex format in .lycheeignore --- .lycheeignore | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) diff --git a/.lycheeignore b/.lycheeignore index 066f81460a..4b56d44879 100644 --- a/.lycheeignore +++ b/.lycheeignore @@ -1,30 +1,25 @@ # Prevent rate limit for npmjs links -http://npmjs.com/.* -https://npmjs.com/.* -https://www.npmjs.com/.* -https://npmjs.org/.* -https://www.npmjs.org/.* +^https?://(www\.)?npmjs\.(com|org)/ # Prevent github rate limit -https://github.com/.* +^https://github\.com/ # Exclude 404 pages -dist/.*/404/index.html$ -dist/404/index.html$ +dist/(.*/)?404((/index)?\.html|/)$ # Exclude Open Collective links -https://opencollective.com/.* +^https://opencollective\.com/ # Prevent netlify rate limit -https://www.netlify.com/ +^https://www\.netlify\.com/ # Ignore Coveralls links -https://coveralls.io/-* +^https://coveralls\.io/ # Prevent LinkedIn rate limit -https://www.linkedin.com/sharing/share-offsite/.* +^https://www\.linkedin\.com/sharing/share-offsite/ # LinkedIn profiles that exist return 404 if not logged in, but it's also easy to hit a rate limit -https://www.linkedin.com/in/ +^https://www\.linkedin\.com/in/ # Ignore slack invite 403 (this will cause us to miss link invite expiration too) -https://slack-invite.openjsf.org/ +^https://slack-invite\.openjsf\.org/ From f27e2e13bf6d0c4c2e4c621c36ae6bfc1b5add4c Mon Sep 17 00:00:00 2001 From: krzysdz Date: Fri, 29 May 2026 13:40:26 +0200 Subject: [PATCH 13/16] link checker: ignore Oracle pages --- .lycheeignore | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.lycheeignore b/.lycheeignore index 4b56d44879..96201a040e 100644 --- a/.lycheeignore +++ b/.lycheeignore @@ -23,3 +23,7 @@ dist/(.*/)?404((/index)?\.html|/)$ # Ignore slack invite 403 (this will cause us to miss link invite expiration too) ^https://slack-invite\.openjsf\.org/ + +# Oracle pages return 403 when connected +^https://www\.mysql\.com/ +^https://www\.oracle\.com/ From f76585920c3b8357efe0c83b1bfcb3e458c22463 Mon Sep 17 00:00:00 2001 From: krzysdz Date: Fri, 29 May 2026 13:44:31 +0200 Subject: [PATCH 14/16] Fix vulnerabilities feed blog links Similar problem to #2351 --- src/pages/vulnerabilities.xml.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pages/vulnerabilities.xml.ts b/src/pages/vulnerabilities.xml.ts index 4a568c9aa7..ca30a51e1c 100644 --- a/src/pages/vulnerabilities.xml.ts +++ b/src/pages/vulnerabilities.xml.ts @@ -23,7 +23,7 @@ export const GET: APIRoute = async (context) => { description: 'Posts tagged as security from the Express.js blog.', site: site.href, items: securityPosts.map((post) => ({ - link: `/blog/${post.id}/`, + link: `/en/blog/${post.id}/`, title: post.data.title, pubDate: getPubDateFromId(post.id), description: post.data.description, From 018eec663e9630d7c2ac6f5cfe10415690b07872 Mon Sep 17 00:00:00 2001 From: krzysdz Date: Fri, 29 May 2026 23:27:01 +0200 Subject: [PATCH 15/16] Fix missed relative links Missed in b1bc08beaeeebed7d71c8015f96cfc39c33dd623 --- src/content/pages/en/resources/index.mdx | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/content/pages/en/resources/index.mdx b/src/content/pages/en/resources/index.mdx index af7da1f3a0..890eb29a75 100644 --- a/src/content/pages/en/resources/index.mdx +++ b/src/content/pages/en/resources/index.mdx @@ -9,31 +9,31 @@ import { CardList } from '@components/patterns'; Find resources to help you learn, contribute, and connect with the Express.js ecosystem. Whether you're looking to get involved in the community, explore middleware, or understand key concepts, you'll find what you need here. - + - + - + - + - + Date: Sat, 30 May 2026 00:09:11 +0200 Subject: [PATCH 16/16] Update nonexistent fragments --- src/content/api/4x/api/application/index.mdx | 2 +- src/content/api/5x/api/application/index.mdx | 2 +- src/content/pages/en/advanced/best-practice-security.mdx | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/content/api/4x/api/application/index.mdx b/src/content/api/4x/api/application/index.mdx index c3ee6103ce..f4f0fffaf2 100644 --- a/src/content/api/4x/api/application/index.mdx +++ b/src/content/api/4x/api/application/index.mdx @@ -842,7 +842,7 @@ Sub-apps will not inherit the value of `view cache` in production (when `NODE_EN | Property | Type | Description | Default | | ------------------------ | --------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------- | | `case sensitive routing` | Boolean | Enable case sensitivity. When enabled, "/Foo" and "/foo" are different routes. When disabled, "/Foo" and "/foo" are treated the same. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | -| `env` | String | Environment mode. Be sure to set to "production" in a production environment; see [Production best practices: performance and reliability](/en/advanced/best-practice-performance#env). | `process.env.NODE_ENV` (`NODE_ENV` environment variable) or "development" if `NODE_ENV` is not set. | +| `env` | String | Environment mode. Be sure to set to "production" in a production environment; see [Production best practices: performance and reliability](/en/advanced/best-practice-performance#things-to-do-in-your-environment--setup). | `process.env.NODE_ENV` (`NODE_ENV` environment variable) or "development" if `NODE_ENV` is not set. | | `etag` | Varied | Set the ETag response header. For possible values, see the `etag` options table below. [More about the HTTP ETag header](https://en.wikipedia.org/wiki/HTTP_ETag). | `weak` | | `jsonp callback name` | String | Specifies the default JSONP callback name. | "callback" | | `json escape` | Boolean | Enable escaping JSON responses from the `res.json`, `res.jsonp`, and `res.send` APIs. This will escape the characters `<`, `>`, and `&` as Unicode escape sequences in JSON. The purpose of this is to assist with [mitigating certain types of persistent XSS attacks](https://blog.mozilla.org/security/2017/07/18/web-service-audits-firefox-accounts/) when clients sniff responses for HTML. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | diff --git a/src/content/api/5x/api/application/index.mdx b/src/content/api/5x/api/application/index.mdx index 4b102e4fff..312ca0c394 100644 --- a/src/content/api/5x/api/application/index.mdx +++ b/src/content/api/5x/api/application/index.mdx @@ -780,7 +780,7 @@ Sub-apps will not inherit the value of `view cache` in production (when `NODE_EN | Property | Type | Description | Default | | ------------------------ | --------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------- | | `case sensitive routing` | Boolean | Enable case sensitivity. When enabled, "/Foo" and "/foo" are different routes. When disabled, "/Foo" and "/foo" are treated the same. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | -| `env` | String | Environment mode. Be sure to set to "production" in a production environment; see [Production best practices: performance and reliability](/en/advanced/best-practice-performance#env). | `process.env.NODE_ENV` (`NODE_ENV` environment variable) or "development" if `NODE_ENV` is not set. | +| `env` | String | Environment mode. Be sure to set to "production" in a production environment; see [Production best practices: performance and reliability](/en/advanced/best-practice-performance#things-to-do-in-your-environment--setup). | `process.env.NODE_ENV` (`NODE_ENV` environment variable) or "development" if `NODE_ENV` is not set. | | `etag` | Varied | Set the ETag response header. For possible values, see the `etag` options table below. [More about the HTTP ETag header](https://en.wikipedia.org/wiki/HTTP_ETag). | `weak` | | `jsonp callback name` | String | Specifies the default JSONP callback name. | "callback" | | `json escape` | Boolean | Enable escaping JSON responses from the `res.json`, `res.jsonp`, and `res.send` APIs. This will escape the characters `<`, `>`, and `&` as Unicode escape sequences in JSON. The purpose of this is to assist with [mitigating certain types of persistent XSS attacks](https://blog.mozilla.org/security/2017/07/18/web-service-audits-firefox-accounts/) when clients sniff responses for HTML. **NOTE**: Sub-apps will inherit the value of this setting. | N/A (undefined) | diff --git a/src/content/pages/en/advanced/best-practice-security.mdx b/src/content/pages/en/advanced/best-practice-security.mdx index b648275ad1..4dd530de81 100644 --- a/src/content/pages/en/advanced/best-practice-security.mdx +++ b/src/content/pages/en/advanced/best-practice-security.mdx @@ -42,7 +42,7 @@ Also ensure you are not using any of the vulnerable Express versions listed on t If your app deals with or transmits sensitive data, use [Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security) (TLS) to secure the connection and the data. This technology encrypts data before it is sent from the client to the server, thus preventing some common (and easy) hacks. Although Ajax and POST requests might not be visibly obvious and seem "hidden" in browsers, their network traffic is vulnerable to [packet sniffing](https://en.wikipedia.org/wiki/Packet_analyzer) and [man-in-the-middle attacks](https://en.wikipedia.org/wiki/Man-in-the-middle_attack). -You may be familiar with Secure Socket Layer (SSL) encryption. [TLS is simply the next progression of SSL](https://learn.microsoft.com/en-us/windows/win32/secauthn/tls-versus-ssl). In other words, if you were using SSL before, consider upgrading to TLS. In general, we recommend Nginx to handle TLS. For a good reference to configure TLS on Nginx (and other servers), see [Recommended Server Configurations (Mozilla Wiki)](https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Server_Configurations). +You may be familiar with Secure Socket Layer (SSL) encryption. [TLS is simply the next progression of SSL](https://learn.microsoft.com/en-us/windows/win32/secauthn/tls-versus-ssl). In other words, if you were using SSL before, consider upgrading to TLS. In general, we recommend Nginx to handle TLS. For a good reference to configure TLS on Nginx (and other servers), see [Recommended Server Configurations (Mozilla Wiki)](https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations). Also, a handy tool to get a free TLS certificate is [Let's Encrypt](https://letsencrypt.org/about/), a free, automated, and open certificate authority (CA) provided by the [Internet Security Research Group (ISRG)](https://www.abetterinternet.org/).