{"library":"hpp","type":"library","category":null,"description":"`hpp` is an Express middleware designed to protect web applications from HTTP Parameter Pollution (HPP) attacks. HPP exploits how web frameworks handle multiple parameters with the same name in a single request. This library, currently at version 0.2.3, mitigates this by identifying array parameters in `req.query` and `req.body` (specifically for `application/x-www-form-urlencoded` requests) and assigning only the *last* parameter value to the main `req.query` or `req.body` object. The original, potentially polluted array of values is moved to `req.queryPolluted` or `req.bodyPolluted` for inspection. This ensures that downstream middleware or route handlers only receive a single, consistent value for each parameter, preventing attackers from bypassing input validation or causing unexpected application behavior. It's a low-level security utility, likely in maintenance mode given its stable version and specific scope, and integrates directly into the Express middleware chain.","language":"javascript","status":"maintenance","version":"0.2.3","tags":["javascript","hpp","http","parameter","pollution","attack","security"],"last_verified":"Wed May 27","install":[{"cmd":"npm install hpp","imports":["const hpp = require('hpp');","import hpp from 'hpp';","import { Request } from 'express';"]},{"cmd":"yarn add hpp","imports":[]},{"cmd":"pnpm add hpp","imports":[]}],"homepage":null,"github":"https://github.com/analog-nico/hpp","docs":null,"changelog":null,"pypi":null,"npm":"https://www.npmjs.com/package/hpp","openapi_spec":null,"status_page":null,"smithery":null,"compatibility":{"summary":{"python_range":"18–22","success_rate":0,"avg_install_s":null,"avg_import_s":null,"wheel_type":null},"url":"https://checklist.day/v1/registry/hpp/compatibility"}}