Skip to content

Instantly share code, notes, and snippets.

@joeyciechanowicz
Last active May 11, 2021 08:01
Show Gist options
  • Save joeyciechanowicz/1bd6a9b9ed6ecf853d3972b07c17f670 to your computer and use it in GitHub Desktop.
Save joeyciechanowicz/1bd6a9b9ed6ecf853d3972b07c17f670 to your computer and use it in GitHub Desktop.
express server which adds routes by `evaling` the request query. super not safe ❇️
const app = require("express")();
/**
* Take verb, route and code then add it to express like you would do
*
* app.get('/route', handlerFunc);
*/
app.get("/add", (req, res) => {
if (!(req.query.code && req.query.route && req.query.verb)) {
return res
.status(400)
.send(
"missing query. expected /add?verb=get&route=/foo&code=(req,res)=>res.send('bar')"
);
}
const handler = eval(req.query.code);
if (typeof handler !== "function") {
return res.status(400).send("code is not a handler function");
}
app[req.query.verb](req.query.route, handler);
res.json({
verb: req.query.verb,
route: req.query.route,
handler: handler.toString(),
routeStack: app._router.stack,
});
});
app.listen(8080, () => {
console.log("Self-editing server listening on http://localhost:8080");
});
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment