Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Mongoose and Query Injection when using Javascript?

Tags:

javascript

node.js

mongodb

mongoose

code-injection

How does MongoDB address SQL or Query injection? explains how to handle query injection with BSON when using javascript on the server. I haven't been able to track down how/whether Mongoose handles query injection though.

At this point I have two questions:

  1. Does Mongoose protect against query injection (using BSON or some other method)
  2. If it does, are there any quirks with it's implementation that a developer need to be aware of?
like image 471
JoBu1324 Avatar asked Aug 24 '13 04:08

JoBu1324

1 Answers

Mongoose does not protect against query injection so unfortunately you will need to perform your own injection detection following the guidelines from the link above.

like image 59
christkv Avatar answered Sep 22 '22 00:09

christkv
Sign in to Comment

Related questions

Can one hack "paste image" support into a textarea in Firefox?
How to implement GROWTH function in JavaScript
Where in the Javascript event chain does the browser's "return to original position" occur following refresh?
Angularjs: ng-repeat and ng-switch on tr tags
How to set locale in JavaScript, for example for toLocaleUpperCase()?
Relative height and width but absolute positioned x, y
d3.js force directed layout constrained by a shape
Executing mongoimport inside code with Javascript/Node.js
Firebug like debugging on Android
Traversing contenteditable paragraphs with arrow keys
Is there a way to fake a synchronous XHR request?
javascript: cyclomatic complexity of the wrapper function
Do I need to add app.initialize() in all my html files in a cordova/phonegap project
Check if <a href="tel:5555555"> is supported
passport authentication failure leads to redirect loop
Emulate SO tag editor
Is it possible to parallax an img tag rather than background image in a div?
Android Chrome window.onunload
Possible to tell if two objects are the same in Chrome debugger?
Is it possible to set dependencies for a folder using require.js?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!