Code Room
Code reviewMedium
Question
Review this Node.js (Express) file-download route.
What a strong answer looks like
Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.
Learn the concepts
const BASE = '/var/app/user_uploads'; app.get('/files/:name', (req, res) => { const name = req.params.name; if (name.includes('..')) { return res.status(400).send('nope'); } const full = path.join(BASE, name); fs.createReadStream(full) .on('error', () => res.status(404).end()) .pipe(res);});Run or narrate your approach, then ask the coach.