Understanding validation and serialization
Fastify has been built with a focus on the developer’s experience, and on reducing the developer effort needed to draft a new project. For this reason, Fastify has built-in features to reduce the following burdens:
- Validating the user’s input
- Filtering the server’s output
The aim is to find solutions for and prevent the most common security attacks, such as code injection or sensitive data exposure. The answer is declaring the expected input and output data format for every route. Therefore, the validation and serialization processes have been introduced into the framework by design:
Figure 5.1 – The Validation and Serialization phases
This preceding diagram shows the request lifecycle steps’ macro architecture, which you read about in detail in Chapter 4.