Typescript Accepts Any Mime Header
Description
Detects insecure MIME type configurations in Express.js applications that accept any MIME type in requests. This vulnerability can enable attackers to bypass content type restrictions and potentially execute malicious files by sending them with unexpected MIME types.
Detection Strategy
• Check Express.js route handlers and middleware configurations for MIME type settings
• Look for use of Express accept headers or content-type settings that allow all types (*/*)
• Identify routes that don't explicitly specify allowed MIME types
• Flag instances where content type validation is missing or explicitly set to accept all types
Vulnerable code example
const express = require('express')
const bodyParser = require('body-parser')
const app = express()
app.use(bodyParser.text({ type: '*/*' })) // Vulnerable: Accepts all content types, enabling parsing ambiguity attacks
app.post('/api', (req, res) => {
res.send('Received: ' + req.body)
})...✅ Secure code example
const express = require('express')
const bodyParser = require('body-parser')
const app = express()
// Only accept specific content types to prevent parsing ambiguity attacks
app.use(bodyParser.text({ type: 'text/plain' }))
app.use(bodyParser.json({ type: 'application/json' }))...Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.