www/apps/resources/app/lint/rules/use-validated-body-or-query/page.mdx
import { Note } from "docs-ui"
export const metadata = {
title: use-validated-body-or-query - ESLint plugin rules,
}
This rule requires using req.validatedBody or req.validatedQuery when a validation middleware is applied to the route.
warn. This rule is enabled in the strict preset.
By default, Medusa projects use the recommended preset, which doesn't enable this rule. To use it, switch to the strict preset.
This rule targets route.ts and route.js files in your project's src/api directory. It reports access to req.body or req.query in a handler when a validateAndTransformBody or validateAndTransformQuery middleware is applied to the route.
The following code is reported by the rule when body validation is applied to the route:
export const POST = async (req, res) => {
res.json(req.body)
}
Instead, use the validated property:
export const POST = async (req, res) => {
res.json(req.validatedBody)
}
A validation middleware populates req.validatedBody and req.validatedQuery with the parsed and transformed data. Reading the raw req.body or req.query skips that validation and transformation.
Learn more in the Validation documentation.
This rule is auto-fixable. Run the linter with the --fix option to apply the fix automatically.
To turn off this rule, set it to off in your ESLint configuration:
import { defineConfig } from "eslint/config"
import medusa from "@medusajs/eslint-plugin"
export default defineConfig([
...medusa.configs.strict,
{
rules: {
"@medusajs/use-validated-body-or-query": "off",
},
},
])
Or disable it for a single line using an inline comment:
// eslint-disable-next-line @medusajs/use-validated-body-or-query
res.json(req.body)