tRPC doesn't explicitly check Content-Type - tRPC

B

tRPC•3y ago•

8 replies

tRPC doesn't explicitly check Content-Type

OWASP recommends explicitly checking the Content-Type header to be the expected one, but when I pass Content-Type: 'application/xml' to tRPC with JSON, it just parses it like it's JSON, instead of throwing a 400 or something. Is there a reason why this is done this way, and how can I change this behavior?

Move Fast & Break Nothing. End-to-end typesafe APIs made easy.

4,951Members

Resources

Recent Announcements

Similar Threads

Was this page helpful?

Similar Threads

tRPC doesn't support redirect

Bbackbone / ❓-help

TRPC type aliasing

Llarryx01 / ❓-help

useContext won't infer type from tRPC client

Kkosilica / ❓-help

trpc doesn't work after migrating to next 15

PPinkiePie / ❓-help