By default, Koa uses the native querystring module which does not provide nesting support. This patches a koa app with nesting support via the qs support, which is also used by Connect and Express.

Simply wrap a koa app with this module:

// Koa 1.x.x
const koa = require('koa')
const app = koa()
require('koa-qs')(app)
// Koa 2.x.x
const Koa = require('koa')
const app = new Koa()
require('koa-qs')(app)

There're three parse mode.

The default mode, use [qs] module.

require('koa-qs')(app, 'extended')

Use querystring module, same as koa does by default. If you want to use this mode, don't use this module.

This mode make this.query.foo return strict array.

require('koa-qs')(app, 'strict')

A normal request GET /foo?p=a&q=foo&q=bar.

• before patch

console.log('%j', this.query);
{
  "p": "a",
  "q": ["foo", "bar"]
}

• after patch

console.log('%j', this.query);
{
  "p": ["a"],
  "q": ["foo", "bar"]
}

This mode make this.query.foo return strict string. Disable multi values.

If querystring contains multi same name params, return the first item.

require('koa-qs')(app, 'first')

In 95% use cases, application only want string query params.

This patch can avoid some stupid TypeError and some security issues like MongoDB inject when the developers forget handling query params type check.

A normal request GET /foo?p=a,b&p=b,c.

• before patch

console.log('%j', this.query.p);
["a,b", "b,c"]

• after patch

console.log('%j', this.query.p);
"a,b"

MIT