Express request object to validate size
Express response object for error responses
Express next function to continue middleware chain
// Usage in main application middleware stack
import { requestSizeLimiter } from '@/shared/middleware/security';
app.use(requestSizeLimiter); // Apply before body parsing
app.use(express.json({ limit: '10mb' }));
app.use(express.urlencoded({ extended: true, limit: '10mb' }));
Request Size Limiting Middleware
Validates incoming request size against configurable limits to prevent resource exhaustion attacks and ensure system stability. This middleware checks the Content-Length header before request processing to reject oversized requests early in the pipeline, preventing memory exhaustion and processing overhead.
When requests exceed the size limit, the middleware responds with a standardized error format and logs the violation for security monitoring. The size limit is configurable via environment variables to accommodate different deployment needs.
Applied before body parsing middleware to prevent large payloads from being processed and consuming server resources. Works in conjunction with Express body parser limits for comprehensive request size control.