Skip to content
/ mongodb-sanitize Public
forked from azhang/mongodb-sanitize

Middleware to sanitize request body against mongodb query selector injections

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bottlenose-inc/mongodb-sanitize

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 
index.js
index.js
 
 
package.json
package.json
 
 

Repository files navigation

mongodb-sanitize

Similar to https://www.npmjs.com/package/mongo-sanitize but is packaged as a middleware and does recursive sanitization for multi-level objects.

var sanitizeMW = require('mongodb-sanitize');

app.use(bodyParser.json());
app.use(sanitizeMW);

req.body = { title: { $gt: "" } };
// middleware runs
// req.body is now { title: {} }
Posts.find(req.body, function (err, posts) {
  // safe!
});

When the middleware encounters an dangerous req.body, it will throw an error:

{
  name: 'invalid character in key',
  key: key
}

About

Middleware to sanitize request body against mongodb query selector injections

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 100.0%