diff --git a/packages/server/src/routes/api/batch.ts b/packages/server/src/routes/api/batch.ts
index 60f8b0def..ad9590bb4 100644
--- a/packages/server/src/routes/api/batch.ts
+++ b/packages/server/src/routes/api/batch.ts
@@ -84,7 +84,7 @@ router.post('api/batch', async (_path: SubPath, ctx: AppContext) => {
 
 		response[subRequestId] = {
 			status: r.status,
-			body: typeof r.body === 'object' ? { ...r.body } : r.body,
+			body: typeof r.body === 'object' ? { ...(r.body as object) } : r.body,
 			header: r.header ? { ...r.header } : {},
 		};
 	}
diff --git a/packages/server/src/routes/api/items.ts b/packages/server/src/routes/api/items.ts
index 5014f75b3..5099bf746 100644
--- a/packages/server/src/routes/api/items.ts
+++ b/packages/server/src/routes/api/items.ts
@@ -49,7 +49,7 @@ export async function putItemContents(path: SubPath, ctx: AppContext, isBatch: b
 			// include the "share_id" field property so it doesn't need to be set via
 			// query parameter.
 			if (ctx.query['share_id']) {
-				saveOptions.shareId = ctx.query['share_id'];
+				saveOptions.shareId = ctx.query['share_id'] as string;
 				await ctx.joplin.models.item().checkIfAllowed(ctx.joplin.owner, AclAction.Create, { jop_share_id: saveOptions.shareId });
 			}
 
diff --git a/packages/server/src/routes/api/ping.test.ts b/packages/server/src/routes/api/ping.test.ts
index f08057af6..a82d89120 100644
--- a/packages/server/src/routes/api/ping.test.ts
+++ b/packages/server/src/routes/api/ping.test.ts
@@ -24,9 +24,11 @@ describe('api_ping', function() {
 
 		await routeHandler(context);
 
+		const body = context.response.body as any;
+
 		expect(context.response.status).toBe(200);
-		expect(context.response.body.status).toBe('ok');
-		expect(context.response.body.message).toBe('Joplin Server is running');
+		expect(body.status).toBe('ok');
+		expect(body.message).toBe('Joplin Server is running');
 	});
 
 });
diff --git a/packages/server/src/routes/api/sessions.test.ts b/packages/server/src/routes/api/sessions.test.ts
index ca8bfb077..a34eba169 100644
--- a/packages/server/src/routes/api/sessions.test.ts
+++ b/packages/server/src/routes/api/sessions.test.ts
@@ -39,9 +39,9 @@ describe('api/sessions', function() {
 
 		const context = await postSession(user.email, password);
 		expect(context.response.status).toBe(200);
-		expect(!!context.response.body.id).toBe(true);
+		expect(!!(context.response.body as any).id).toBe(true);
 
-		const session: Session = await models().session().load(context.response.body.id);
+		const session: Session = await models().session().load((context.response.body as any).id);
 		expect(session.user_id).toBe(user.id);
 	});
 
diff --git a/packages/server/src/routes/index/home.test.ts b/packages/server/src/routes/index/home.test.ts
index f8428d0b9..f57f664b2 100644
--- a/packages/server/src/routes/index/home.test.ts
+++ b/packages/server/src/routes/index/home.test.ts
@@ -28,7 +28,7 @@ describe('index/home', function() {
 
 		await routeHandler(context);
 
-		expect(context.response.body.indexOf(user.email) >= 0).toBe(true);
+		expect((context.response.body as any).indexOf(user.email) >= 0).toBe(true);
 	});
 
 });
diff --git a/packages/server/src/routes/index/login.test.ts b/packages/server/src/routes/index/login.test.ts
index 0a77a3bc4..d008dafa5 100644
--- a/packages/server/src/routes/index/login.test.ts
+++ b/packages/server/src/routes/index/login.test.ts
@@ -44,7 +44,7 @@ describe('index_login', function() {
 
 		await routeHandler(context);
 
-		const doc = parseHtml(context.response.body);
+		const doc = parseHtml(context.response.body as string);
 		expect(!!doc.querySelector('input[name=email]')).toBe(true);
 		expect(!!doc.querySelector('input[name=password]')).toBe(true);
 	});
diff --git a/packages/server/src/routes/index/password.ts b/packages/server/src/routes/index/password.ts
index 88ae07b55..208d94af4 100644
--- a/packages/server/src/routes/index/password.ts
+++ b/packages/server/src/routes/index/password.ts
@@ -48,7 +48,7 @@ const subRoutes: Record<string, RouteHandler> = {
 	reset: async (_path: SubPath, ctx: AppContext) => {
 		let successMessage: string = '';
 		let error: Error = null;
-		const token = ctx.query.token;
+		const token = ctx.query.token as string;
 
 		if (ctx.method === 'POST') {
 			const fields = await bodyFields<ResetPasswordFields>(ctx.req);
diff --git a/packages/server/src/routes/index/shares.link.test.ts b/packages/server/src/routes/index/shares.link.test.ts
index 2ec3d9b59..19ed1c7fb 100644
--- a/packages/server/src/routes/index/shares.link.test.ts
+++ b/packages/server/src/routes/index/shares.link.test.ts
@@ -37,7 +37,7 @@ async function getShareContent(shareId: string, query: any = {}): Promise<string
 	});
 	await routeHandler(context);
 	await checkContextError(context);
-	return context.response.body;
+	return context.response.body as any;
 }
 
 describe('shares.link', function() {
diff --git a/packages/server/src/routes/index/stripe.ts b/packages/server/src/routes/index/stripe.ts
index df58bc260..8d08cb8be 100644
--- a/packages/server/src/routes/index/stripe.ts
+++ b/packages/server/src/routes/index/stripe.ts
@@ -407,7 +407,7 @@ const getHandlers: Record<string, StripeRouteHandler> = {
 	success: async (stripe: Stripe, _path: SubPath, ctx: AppContext) => {
 		try {
 			const models = ctx.joplin.models;
-			const checkoutSession = await stripe.checkout.sessions.retrieve(ctx.query.session_id);
+			const checkoutSession = await stripe.checkout.sessions.retrieve(ctx.query.session_id as string);
 			const userEmail = checkoutSession.customer_details.email || checkoutSession.customer_email; // customer_email appears to be always null but fallback to it just in case
 			if (!userEmail) throw new Error(`Could not find email from checkout session: ${JSON.stringify(checkoutSession)}`);
 			const user = await waitForUserCreation(models, userEmail);
diff --git a/packages/server/src/routes/index/users.test.ts b/packages/server/src/routes/index/users.test.ts
index e5111d91c..b981cc4b6 100644
--- a/packages/server/src/routes/index/users.test.ts
+++ b/packages/server/src/routes/index/users.test.ts
@@ -59,7 +59,7 @@ async function getUserHtml(sessionId: string, userId: string): Promise<string> {
 
 	await routeHandler(context);
 	checkContextError(context);
-	return context.response.body;
+	return context.response.body as string;
 }
 
 describe('index/users', function() {
diff --git a/packages/server/src/routes/index/users.ts b/packages/server/src/routes/index/users.ts
index b3043e072..13a23eac0 100644
--- a/packages/server/src/routes/index/users.ts
+++ b/packages/server/src/routes/index/users.ts
@@ -124,7 +124,7 @@ router.publicSchemas.push('users/:id/confirm');
 router.get('users/:id/confirm', async (path: SubPath, ctx: AppContext, error: Error = null) => {
 	const models = ctx.joplin.models;
 	const userId = path.id;
-	const token = ctx.query.token;
+	const token = ctx.query.token as string;
 
 	if (!token) throw new ErrorBadRequest('Missing token');
 
diff --git a/packages/server/src/utils/requestUtils.ts b/packages/server/src/utils/requestUtils.ts
index 011de8059..f34938c0b 100644
--- a/packages/server/src/utils/requestUtils.ts
+++ b/packages/server/src/utils/requestUtils.ts
@@ -60,7 +60,7 @@ export function headerSessionId(headers: any): string {
 }
 
 export function contextSessionId(ctx: AppContext, throwIfNotFound = true): string {
-	if (ctx.headers['x-api-auth']) return ctx.headers['x-api-auth'];
+	if (ctx.headers['x-api-auth']) return ctx.headers['x-api-auth'] as string;
 
 	const id = cookieGet(ctx, 'sessionId');
 	if (!id && throwIfNotFound) throw new ErrorForbidden('Invalid or missing session');
@@ -76,6 +76,6 @@ export function isAdminRequest(ctx: AppContext): boolean {
 }
 
 export function userIp(ctx: AppContext): string {
-	if (ctx.headers['x-real-ip']) return ctx.headers['x-real-ip'];
+	if (ctx.headers['x-real-ip']) return ctx.headers['x-real-ip'] as string;
 	return ctx.ip;
 }