5.x API
Caution
This is early beta documentation that may be incomplete and is still under development.
Note
Express 5.0 requires Node.js 18 or higher.
express()
Creates an Express application. The express() function is a top-level function exported by the express module.
const express = require('express')
const app = express()
Methods
express.json([options])
This is a built-in middleware function in Express. It parses incoming requests with JSON payloads and is based on body-parser.
Returns middleware that only parses JSON and only looks at requests where
the Content-Type header matches the type option. This parser accepts any
Unicode encoding of the body and supports automatic inflation of gzip and
deflate encodings.
A new body object containing the parsed data is populated on the request
object after the middleware (i.e. req.body), or an empty object ({}) if
there was no body to parse, the Content-Type was not matched, or an error
occurred.
As req.body’s shape is based on user-controlled input, all properties and
values in this object are untrusted and should be validated before trusting.
For example, req.body.foo.toString() may fail in multiple ways, for example
foo may not be there or may not be a string, and toString may not be a
function and instead a string or other user-input.
The following table describes the properties of the optional options object.
| Property | Description | Type | Default |
|---|---|---|---|
inflate |
Enables or disables handling deflated (compressed) bodies; when disabled, deflated bodies are rejected. | Boolean | true |
limit |
Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the bytes library for parsing. | Mixed | "100kb" |
reviver |
The reviver option is passed directly to JSON.parse as the second argument. You can find more information on this argument in the MDN documentation about JSON.parse. |
Function | null |
strict |
Enables or disables only accepting arrays and objects; when disabled will accept anything JSON.parse accepts. |
Boolean | true |
type |
This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, type option is passed directly to the type-is library and this can be an extension name (like json), a mime type (like application/json), or a mime type with a wildcard (like */* or */json). If a function, the type option is called as fn(req) and the request is parsed if it returns a truthy value. |
Mixed | "application/json" |
verify |
This option, if supplied, is called as verify(req, res, buf, encoding), where buf is a Buffer of the raw request body and encoding is the encoding of the request. The parsing can be aborted by throwing an error. |
Function | undefined |
express.static(root, [options])
This is a built-in middleware function in Express. It serves static files and is based on serve-static.
NOTE: For best results, use a reverse proxy cache to improve performance of serving static assets.
The root argument specifies the root directory from which to serve static assets.
The function determines the file to serve by combining req.url with the provided root directory.
When a file is not found, instead of sending a 404 response, it instead calls next()
to move on to the next middleware, allowing for stacking and fall-backs.
The following table describes the properties of the options object.
See also the example below.
| Property | Description | Type | Default |
|---|---|---|---|
dotfiles |
Determines how dotfiles (files or directories that begin with a dot “.”) are treated. See dotfiles below. |
String | “ignore” |
etag |
Enable or disable etag generation NOTE: express.static always sends weak ETags. |
Boolean | true |
extensions |
Sets file extension fallbacks: If a file is not found, search for files with the specified extensions and serve the first one found. Example: ['html', 'htm']. |
Mixed | false |
fallthrough |
Let client errors fall-through as unhandled requests, otherwise forward a client error. See fallthrough below. |
Boolean | true |
immutable |
Enable or disable the immutable directive in the Cache-Control response header. If enabled, the maxAge option should also be specified to enable caching. The immutable directive will prevent supported clients from making conditional requests during the life of the maxAge option to check if the file has changed. |
Boolean | false |
index |
Sends the specified directory index file. Set to false to disable directory indexing. |
Mixed | “index.html” |
lastModified |
Set the Last-Modified header to the last modified date of the file on the OS. |
Boolean | true |
maxAge |
Set the max-age property of the Cache-Control header in milliseconds or a string in ms format. | Number | 0 |
redirect |
Redirect to trailing “/” when the pathname is a directory. | Boolean | true |
setHeaders |
Function for setting HTTP headers to serve with the file. See setHeaders below. |
Function |
For more information, see Serving static files in Express. and Using middleware - Built-in middleware.
dotfiles
Possible values for this option are:
- “allow” - No special treatment for dotfiles.
- “deny” - Deny a request for a dotfile, respond with
403, then callnext(). - “ignore” - Act as if the dotfile does not exist, respond with
404, then callnext().
fallthrough
When this option is true, client errors such as a bad request or a request to a non-existent
file will cause this middleware to simply call next() to invoke the next middleware in the stack.
When false, these errors (even 404s), will invoke next(err).
Set this option to true so you can map multiple physical directories
to the same web address or for routes to fill in non-existent files.
Use false if you have mounted this middleware at a path designed
to be strictly a single file system directory, which allows for short-circuiting 404s
for less overhead. This middleware will also reply to all methods.
setHeaders
For this option, specify a function to set custom response headers. Alterations to the headers must occur synchronously.
The signature of the function is:
fn(res, path, stat)
Arguments:
res, the response object.path, the file path that is being sent.stat, thestatobject of the file that is being sent.
Example of express.static
Here is an example of using the express.static middleware function with an elaborate options object:
const options = {
dotfiles: 'ignore',
etag: false,
extensions: ['htm', 'html'],
index: false,
maxAge: '1d',
redirect: false,
setHeaders (res, path, stat) {
res.set('x-timestamp', Date.now())
}
}
app.use(express.static('public', options))
express.Router([options])
Creates a new router object.
const router = express.Router([options])
The optional options parameter specifies the behavior of the router.
| Property | Description | Default | Availability |
|---|---|---|---|
caseSensitive |
Enable case sensitivity. | Disabled by default, treating “/Foo” and “/foo” as the same. | |
mergeParams |
Preserve the req.params values from the parent router. If the parent and the child have conflicting param names, the child’s value take precedence. |
false |
4.5.0+ |
strict |
Enable strict routing. | Disabled by default, “/foo” and “/foo/” are treated the same by the router. |
You can add middleware and HTTP method routes (such as get, put, post, and
so on) to router just like an application.
For more information, see Router.
express.urlencoded([options])
This is a built-in middleware function in Express. It parses incoming requests with urlencoded payloads and is based on body-parser.
Returns middleware that only parses urlencoded bodies and only looks at
requests where the Content-Type header matches the type option. This
parser accepts only UTF-8 encoding of the body and supports automatic
inflation of gzip and deflate encodings.
A new body object containing the parsed data is populated on the request
object after the middleware (i.e. req.body), or an empty object ({}) if
there was no body to parse, the Content-Type was not matched, or an error
occurred. This object will contain key-value pairs, where the value can be
a string or array (when extended is false), or any type (when extended
is true).
As req.body’s shape is based on user-controlled input, all properties and
values in this object are untrusted and should be validated before trusting.
For example, req.body.foo.toString() may fail in multiple ways, for example
foo may not be there or may not be a string, and toString may not be a
function and instead a string or other user-input.
The following table describes the properties of the optional options object.
| Property | Description | Type | Default |
|---|---|---|---|
extended |
This option allows to choose between parsing the URL-encoded data with the querystring library (when false) or the qs library (when true). The “extended” syntax allows for rich objects and arrays to be encoded into the URL-encoded format, allowing for a JSON-like experience with URL-encoded. For more information, please see the qs library. |
Boolean | false |
inflate |
Enables or disables handling deflated (compressed) bodies; when disabled, deflated bodies are rejected. | Boolean | true |
limit |
Controls the maximum request body size. If this is a number, then the value specifies the number of bytes; if it is a string, the value is passed to the bytes library for parsing. | Mixed | "100kb" |
parameterLimit |
This option controls the maximum number of parameters that are allowed in the URL-encoded data. If a request contains more parameters than this value, an error will be raised. | Number | 1000 |
type |
This is used to determine what media type the middleware will parse. This option can be a string, array of strings, or a function. If not a function, type option is passed directly to the type-is library and this can be an extension name (like urlencoded), a mime type (like application/x-www-form-urlencoded), or a mime type with a wildcard (like */x-www-form-urlencoded). If a function, the type option is called as fn(req) and the request is parsed if it returns a truthy value. |
Mixed | "application/x-www-form-urlencoded" |
verify |
This option, if supplied, is called as verify(req, res, buf, encoding), where buf is a Buffer of the raw request body and encoding is the encoding of the request. The parsing can be aborted by throwing an error. |
Function | undefined |
Application
The app object conventionally denotes the Express application.
Create it by calling the top-level express() function exported by the Express module:
const express = require('express')
const app = express()
app.get('/', (req, res) => {
res.send('hello world')
})
app.listen(3000)
The app object has methods for
- Routing HTTP requests; see for example, app.METHOD and app.param.
- Configuring middleware; see app.route.
- Rendering HTML views; see app.render.
- Registering a template engine; see app.engine.
It also has settings (properties) that affect how the application behaves; for more information, see Application settings.
The Express application object can be referred from the request object and the response object as req.app, and res.app, respectively.
Properties
app.locals
The app.locals object has properties that are local variables within the application,
and will be available in templates rendered with res.render.
console.dir(app.locals.title)
// => 'My App'
console.dir(app.locals.email)
// => 'me@myapp.com'
Once set, the value of app.locals properties persist throughout the life of the application,
in contrast with res.locals properties that
are valid only for the lifetime of the request.
You can access local variables in templates rendered within the application.
This is useful for providing helper functions to templates, as well as application-level data.
Local variables are available in middleware via req.app.locals (see req.app)
app.locals.title = 'My App'
app.locals.strftime = require('strftime')
app.locals.email = 'me@myapp.com'
app.mountpath
The app.mountpath property contains one or more path patterns on which a sub-app was mounted.
A sub-app is an instance of express that may be used for handling the request to a route.
const express = require('express')
const app = express() // the main app
const admin = express() // the sub app
admin.get('/', (req, res) => {
console.log(admin.mountpath) // /admin
res.send('Admin Homepage')
})
app.use('/admin', admin) // mount the sub app
It is similar to the baseUrl property of the req object, except req.baseUrl
returns the matched URL path, instead of the matched patterns.
If a sub-app is mounted on multiple path patterns, app.mountpath returns the list of
patterns it is mounted on, as shown in the following example.
const admin = express()
admin.get('/', (req, res) => {
console.log(admin.mountpath) // [ '/adm*n', '/manager' ]
res.send('Admin Homepage')
})
const secret = express()
secret.get('/', (req, res) => {
console.log(secret.mountpath) // /secr*t
res.send('Admin Secret')
})
admin.use('/secr*t', secret) // load the 'secret' router on '/secr*t', on the 'admin' sub app
app.use(['/adm*n', '/manager'], admin) // load the 'admin' router on '/adm*n' and '/manager', on the parent app
app.router
The application’s in-built instance of router. This is created lazily, on first access.
const express = require('express')
const app = express()
const router = app.router
router.get('/', (req, res) => {
res.send('hello world')
})
app.listen(3000)
You can add middleware and HTTP method routes to the router just like an application.
For more information, see Router.
Events
app.on('mount', callback(parent))
The mount event is fired on a sub-app, when it is mounted on a parent app. The parent app is passed to the callback function.
NOTE
Sub-apps will:
- Not inherit the value of settings that have a default value. You must set the value in the sub-app.
- Inherit the value of settings with no default value.
For details, see Application settings.
const admin = express()
admin.on('mount', (parent) => {
console.log('Admin Mounted')
console.log(parent) // refers to the parent app
})
admin.get('/', (req, res) => {
res.send('Admin Homepage')
})
app.use('/admin', admin)
Methods
app.all(path, callback [, callback ...])
This method is like the standard app.METHOD() methods, except it matches all HTTP verbs.
Arguments
| Argument | Description | Default |
|---|---|---|
path |
The path for which the middleware function is invoked; can be any of:
|
'/' (root path) |
callback |
Callback functions; can be:
You can provide multiple callback functions that behave just like middleware, except
that these callbacks can invoke When a callback function throws an error or returns a rejected promise, `next(err)` will be invoked automatically. Since router and app implement the middleware interface, you can use them as you would any other middleware function. For examples, see Middleware callback function examples. |
None |
Examples
The following callback is executed for requests to /secret whether using
GET, POST, PUT, DELETE, or any other HTTP request method:
app.all('/secret', (req, res, next) => {
console.log('Accessing the secret section ...')
next() // pass control to the next handler
})
The app.all() method is useful for mapping “global” logic for specific path prefixes or arbitrary matches. For example, if you put the following at the top of all other
route definitions, it requires that all routes from that point on
require authentication, and automatically load a user. Keep in mind
that these callbacks do not have to act as end-points: loadUser
can perform a task, then call next() to continue matching subsequent
routes.
app.all('(.*)', requireAuthentication, loadUser)
Or the equivalent:
app.all('(.*)', requireAuthentication)
app.all('(.*)', loadUser)
Another example is white-listed “global” functionality. The example is similar to the ones above, but it only restricts paths that start with “/api”:
app.all('/api/(.*)', requireAuthentication)
app.delete(path, callback [, callback ...])
Routes HTTP DELETE requests to the specified path with the specified callback functions. For more information, see the routing guide.
Arguments
| Argument | Description | Default |
|---|---|---|
path |
The path for which the middleware function is invoked; can be any of:
|
'/' (root path) |
callback |
Callback functions; can be:
You can provide multiple callback functions that behave just like middleware, except
that these callbacks can invoke When a callback function throws an error or returns a rejected promise, `next(err)` will be invoked automatically. Since router and app implement the middleware interface, you can use them as you would any other middleware function. For examples, see Middleware callback function examples. |
None |
Example
app.delete('/', (req, res) => {
res.send('DELETE request to homepage')
})
app.disable(name)
Sets the Boolean setting name to false, where name is one of the properties from the app settings table.
Calling app.set('foo', false) for a Boolean property is the same as calling app.disable('foo').
For example:
app.disable('trust proxy')
app.get('trust proxy')
// => false
app.disabled(name)
Returns true if the Boolean setting name is disabled (false), where name is one of the properties from
the app settings table.
app.disabled('trust proxy')
// => true
app.enable('trust proxy')
app.disabled('trust proxy')
// => false
app.enable(name)
Sets the Boolean setting name to true, where name is one of the properties from the app settings table.
Calling app.set('foo', true) for a Boolean property is the same as calling app.enable('foo').
app.enable('trust proxy')
app.get('trust proxy')
// => true
app.enabled(name)
Returns true if the setting name is enabled (true), where name is one of the
properties from the app settings table.
app.enabled('trust proxy')
// => false
app.enable('trust proxy')
app.enabled('trust proxy')
// => true
app.engine(ext, callback)
Registers the given template engine callback as ext.
By default, Express will require() the engine based on the file extension.
For example, if you try to render a “foo.pug” file, Express invokes the
following internally, and caches the require() on subsequent calls to increase
performance.
app.engine('pug', require('pug').__express)
Use this method for engines that do not provide .__express out of the box,
or if you wish to “map” a different extension to the template engine.
For example, to map the EJS template engine to “.html” files:
app.engine('html', require('ejs').renderFile)
In this case, EJS provides a .renderFile() method with
the same signature that Express expects: (path, options, callback),
though note that it aliases this method as ejs.__express internally
so if you’re using “.ejs” extensions you don’t need to do anything.
Some template engines do not follow this convention. The consolidate.js library maps Node template engines to follow this convention, so they work seamlessly with Express.
const engines = require('consolidate')
app.engine('haml', engines.haml)
app.engine('html', engines.hogan)
app.get(name)
Returns the value of name app setting, where name is one of the strings in the
app settings table. For example:
app.get('title')
// => undefined
app.set('title', 'My Site')
app.get('title')
// => "My Site"
app.get(path, callback [, callback ...])
Routes HTTP GET requests to the specified path with the specified callback functions.
Arguments
| Argument | Description | Default |
|---|---|---|
path |
The path for which the middleware function is invoked; can be any of:
|
'/' (root path) |
callback |
Callback functions; can be:
You can provide multiple callback functions that behave just like middleware, except
that these callbacks can invoke When a callback function throws an error or returns a rejected promise, `next(err)` will be invoked automatically. Since router and app implement the middleware interface, you can use them as you would any other middleware function. For examples, see Middleware callback function examples. |
None |
For more information, see the routing guide.
Example
app.get('/', (req, res) => {
res.send('GET request to homepage')
})
app.listen(path, [callback])
Starts a UNIX socket and listens for connections on the given path. This method is identical to Node’s http.Server.listen().
const express = require('express')
const app = express()
app.listen('/tmp/sock')
app.listen([port[, host[, backlog]]][, callback])
Binds and listens for connections on the specified host and port. This method is identical to Node’s http.Server.listen().
If port is omitted or is 0, the operating system will assign an arbitrary unused port, which is useful for cases like automated tasks (tests, etc.).
const express = require('express')
const app = express()
app.listen(3000)
The app returned by express() is in fact a JavaScript
Function, designed to be passed to Node’s HTTP servers as a callback
to handle requests. This makes it easy to provide both HTTP and HTTPS versions of
your app with the same code base, as the app does not inherit from these
(it is simply a callback):
const express = require('express')
const https = require('https')
const http = require('http')
const app = express()
http.createServer(app).listen(80)
https.createServer(options, app).listen(443)
The app.listen() method returns an http.Server object and (for HTTP) is a convenience method for the following:
app.listen = function () {
const server = http.createServer(this)
return server.listen.apply(server, arguments)
}
Note
All the forms of Node’s http.Server.listen() method are in fact actually supported.
app.METHOD(path, callback [, callback ...])
Routes an HTTP request, where METHOD is the HTTP method of the request, such as GET,
PUT, POST, and so on, in lowercase. Thus, the actual methods are app.get(),
app.post(), app.put(), and so on. See Routing methods below for the complete list.
Arguments
| Argument | Description | Default |
|---|---|---|
path |
The path for which the middleware function is invoked; can be any of:
|
'/' (root path) |
callback |
Callback functions; can be:
You can provide multiple callback functions that behave just like middleware, except
that these callbacks can invoke When a callback function throws an error or returns a rejected promise, `next(err)` will be invoked automatically. Since router and app implement the middleware interface, you can use them as you would any other middleware function. For examples, see Middleware callback function examples. |
None |
Routing methods
Express supports the following routing methods corresponding to the HTTP methods of the same names:
|
|
|
The API documentation has explicit entries only for the most popular HTTP methods app.get(),
app.post(), app.put(), and app.delete().
However, the other methods listed above work in exactly the same way.
To route methods that translate to invalid JavaScript variable names, use the bracket notation. For example, app['m-search']('/', function ....
The app.get() function is automatically called for the HTTP HEAD method in addition to the GET
method if app.head() was not called for the path before app.get().
The method, app.all(), is not derived from any HTTP method and loads middleware at
the specified path for all HTTP request methods.
For more information, see app.all.
For more information on routing, see the routing guide.
app.param(name, callback)
Add callback triggers to route parameters, where name is the name of the parameter or an array of them, and callback is the callback function. The parameters of the callback function are the request object, the response object, the next middleware, the value of the parameter and the name of the parameter, in that order.
If name is an array, the callback trigger is registered for each parameter declared in it, in the order in which they are declared. Furthermore, for each declared parameter except the last one, a call to next inside the callback will call the callback for the next declared parameter. For the last parameter, a call to next will call the next middleware in place for the route currently being processed, just like it would if name were just a string.
For example, when :user is present in a route path, you may map user loading logic to automatically provide req.user to the route, or perform validations on the parameter input.
app.param('user', (req, res, next, id) => {
// try to get the user details from the User model and attach it to the request object
User.find(id, (err, user) => {
if (err) {
next(err)
} else if (user) {
req.user = user
next()
} else {
next(new Error('failed to load user'))
}
})
})
Param callback functions are local to the router on which they are defined. They are not inherited by mounted apps or routers, nor are they triggered for route parameters inherited from parent routers. Hence, param callbacks defined on app will be triggered only by route parameters defined on app routes.
All param callbacks will be called before any handler of any route in which the param occurs, and they will each be called only once in a request-response cycle, even if the parameter is matched in multiple routes, as shown in the following examples.
app.param('id', (req, res, next, id) => {
console.log('CALLED ONLY ONCE')
next()
})
app.get('/user/:id', (req, res, next) => {
console.log('although this matches')
next()
})
app.get('/user/:id', (req, res) => {
console.log('and this matches too')
res.end()
})
On GET /user/42, the following is printed:
CALLED ONLY ONCE
although this matches
and this matches too
app.param(['id', 'page'], (req, res, next, value) => {
console.log('CALLED ONLY ONCE with', value)
next()
})
app.get('/user/:id/:page', (req, res, next) => {
console.log('although this matches')
next()
})
app.get('/user/:id/:page', (req, res) => {
console.log('and this matches too')
res.end()
})
On GET /user/42/3, the following is printed:
CALLED ONLY ONCE with 42
CALLED ONLY ONCE with 3
although this matches
and this matches too
app.path()
Returns the canonical path of the app, a string.
const app = express()
const blog = express()
const blogAdmin = express()
app.use('/blog', blog)
blog.use('/admin', blogAdmin)
console.log(app.path()) // ''
console.log(blog.path()) // '/blog'
console.log(blogAdmin.path()) // '/blog/admin'
The behavior of this method can become very complicated in complex cases of mounted apps: it is usually better to use req.baseUrl to get the canonical path of the app.
app.post(path, callback [, callback ...])
Routes HTTP POST requests to the specified path with the specified callback functions. For more information, see the routing guide.
Arguments
| Argument | Description | Default |
|---|---|---|
path |
The path for which the middleware function is invoked; can be any of:
|
'/' (root path) |
callback |
Callback functions; can be:
You can provide multiple callback functions that behave just like middleware, except
that these callbacks can invoke When a callback function throws an error or returns a rejected promise, `next(err)` will be invoked automatically. Since router and app implement the middleware interface, you can use them as you would any other middleware function. For examples, see Middleware callback function examples. |
None |
Example
app.post('/', (req, res) => {
res.send('POST request to homepage')
})
app.put(path, callback [, callback ...])
Routes HTTP PUT requests to the specified path with the specified callback functions.
Arguments
| Argument | Description | Default |
|---|---|---|
path |
The path for which the middleware function is invoked; can be any of:
|
'/' (root path) |
callback |
Callback functions; can be:
You can provide multiple callback functions that behave just like middleware, except
that these callbacks can invoke When a callback function throws an error or returns a rejected promise, `next(err)` will be invoked automatically. Since router and app implement the middleware interface, you can use them as you would any other middleware function. For examples, see Middleware callback function examples. |
None |
Example
app.put('/', (req, res) => {
res.send('PUT request to homepage')
})
app.render(view, [locals], callback)
Returns the rendered HTML of a view via the callback function. It accepts an optional parameter
that is an object containing local variables for the view. It is like res.render(),
except it cannot send the rendered view to the client on its own.
Think of app.render() as a utility function for generating rendered view strings.
Internally res.render() uses app.render() to render views.
The local variable cache is reserved for enabling view cache. Set it to true, if you want to
cache view during development; view caching is enabled in production by default.
app.render('email', (err, html) => {
// ...
})
app.render('email', { name: 'Tobi' }, (err, html) => {
// ...
})
app.route(path)
Returns an instance of a single route, which you can then use to handle HTTP verbs with optional middleware.
Use app.route() to avoid duplicate route names (and thus typo errors).
const app = express()
app.route('/events')
.all((req, res, next) => {
// runs for all HTTP verbs first
// think of it as route specific middleware!
})
.get((req, res, next) => {
res.json({})
})
.post((req, res, next) => {
// maybe add a new event...
})
app.set(name, value)
Assigns setting name to value. You may store any value that you want,
but certain names can be used to configure the behavior of the server. These
special names are listed in the app settings table.
Calling app.set('foo', true) for a Boolean property is the same as calling
app.enable('foo'). Similarly, calling app.set('foo', false) for a Boolean
property is the same as calling app.disable('foo').
Retrieve the value of a setting with app.get().
app.set('title', 'My Site')
app.get('title') // "My Site"
Application Settings
The following table lists application settings.
Note that sub-apps will:
- Not inherit the value of settings that have a default value. You must set the value in the sub-app.
- Inherit the value of settings with no default value; these are explicitly noted in the table below.
Exceptions: Sub-apps will inherit the value of trust proxy even though it has a default value (for backward-compatibility);
Sub-apps will not inherit the value of view cache in production (when NODE_ENV is “production”).
| Property | Type | Description | Default |
|---|---|---|---|
|
|
Boolean | Enable case sensitivity. When enabled, "/Foo" and "/foo" are different routes. When disabled, "/Foo" and "/foo" are treated the same. NOTE: Sub-apps will inherit the value of this setting. |
N/A (undefined) |
|
|
String | Environment mode. Be sure to set to "production" in a production environment; see Production best practices: performance and reliability. |
|
|
|
Varied |
Set the ETag response header. For possible values, see the |
|
|
|
String | Specifies the default JSONP callback name. |
“callback” |
|
|
Boolean |
Enable escaping JSON responses from the NOTE: Sub-apps will inherit the value of this setting. |
N/A (undefined) |
|
|
Varied | The 'replacer' argument used by `JSON.stringify`.
NOTE: Sub-apps will inherit the value of this setting. |
N/A (undefined) |
|
|
Varied | The 'space' argument used by `JSON.stringify`.
This is typically set to the number of spaces to use to indent prettified JSON.
NOTE: Sub-apps will inherit the value of this setting. |
N/A (undefined) |
|
|
Varied |
Disable query parsing by setting the value to The simple query parser is based on Node’s native query parser, querystring. The extended query parser is based on qs. A custom query string parsing function will receive the complete query string, and must return an object of query keys and their values. |
"simple" |
|
|
Boolean | Enable strict routing. When enabled, the router treats "/foo" and "/foo/" as different. Otherwise, the router treats "/foo" and "/foo/" as the same. NOTE: Sub-apps will inherit the value of this setting. |
N/A (undefined) |
|
|
Number | The number of dot-separated parts of the host to remove to access subdomain. | 2 |
|
|
Varied |
Indicates the app is behind a front-facing proxy, and to use the When enabled, Express attempts to determine the IP address of the client connected through the front-facing proxy, or series of proxies. The `req.ips` property, then contains an array of IP addresses the client is connected through. To enable it, use the values described in the trust proxy options table. The `trust proxy` setting is implemented using the proxy-addr package. For more information, see its documentation. NOTE: Sub-apps will inherit the value of this setting, even though it has a default value. |
|
|
|
String or Array | A directory or an array of directories for the application's views. If an array, the views are looked up in the order they occur in the array. |
|
|
|
Boolean | Enables view template compilation caching. NOTE: Sub-apps will not inherit the value of this setting in production (when `NODE_ENV` is "production"). |
|
|
|
String | The default engine extension to use when omitted.
NOTE: Sub-apps will inherit the value of this setting. |
N/A (undefined) |
|
|
Boolean | Enables the "X-Powered-By: Express" HTTP header. |
|
Options for `trust proxy` setting
Read [Express behind proxies]/sk/behind-proxies.html) for more information.
| Type | Value |
|---|---|
| Boolean |
If If |
| String String containing comma-separated values Array of strings |
An IP address, subnet, or an array of IP addresses, and subnets to trust. Pre-configured subnet names are:
Set IP addresses in any of the following ways: Specify a single subnet: Specify a subnet and an address: Specify multiple subnets as CSV: Specify multiple subnets as an array: When specified, the IP addresses or the subnets are excluded from the address determination process, and the untrusted IP address nearest to the application server is determined as the client’s IP address. |
| Number |
Trust the nth hop from the front-facing proxy server as the client. |
| Function |
Custom trust implementation. Use this only if you know what you are doing. |
Options for `etag` setting
NOTE: These settings apply only to dynamic files, not static files. The express.static middleware ignores these settings.
The ETag functionality is implemented using the etag package. For more information, see its documentation.
| Type | Value |
|---|---|
| Boolean |
|