Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is a good strategy to store HTML in MongodDB JSON-style doc

Is it OK to store HTML in MongoDB? Are there disadvantages? Are there better alternatives?

I'm a bit new to JSON, but I'm planning migrate my WordPress site to a custom meteor/mongodb site.

In WordPress our "Posts" are essentially product records, and the "main content" is the product's description. These descriptions contain some HTML markup, such as "strong" tags, break tags, and href hyperlinks.

<p>Who hasn't wished for a mini-Roomba to handle the arduous task of cleaning their iPhone screen? Now your dreams have come true! See the Takara web page for a <a href="http://www.takaratomy.co.jp/products/automee/" title="automee s" target="_blank">demo video.</a><strong>Colors: </strong> White, Red, Orange and Blue Runs on a single AA battery.<br> 1,575 yen</p> 

Unlike XML, JSON lacks something like CDATA. Is it a bad idea to try and put HTML in my JSON-style doc description field? Are there special escape characters for doing this? Or should I store the HTML product description as a external, static file? Or are there other best practices?

{ '_id':'236', 'name':'Tokyo Marui M9A1 Gas Blow Back Airsoft Gun', 'description':'<p>html here?</p>', 'tags': ['toys','outdoors'] ... } 

Any tip, advice, links appreciated!

EDIT

Sample product description text added.

EDIT2

I found this stackoverflow article: How to store HTML data in MongoDB?

and another on google https://groups.google.com/forum/?fromgroups=#!topic/mongodb-user/HW5XB5yox20

They seem to say it should be fine. But there isn't much discussion, so just seeking more confirmation.

Edit3

additional reference https://groups.google.com/forum/?fromgroups=#!topic/mongodb-user/0m8KJ7mPWiQ

like image 841
Max Hodges Avatar asked Mar 07 '13 14:03

Max Hodges


People also ask

Can you store HTML in Mongodb?

Yes, there is. It's not standard JavaScript, but there are a few OS commands built into the mongo shell, see "help admin".

Should databases store HTML?

Storing HTML code is fine. But if it is not from trusted source, you need to check it and allow a secure subset of markup only. HTML Tidy library will help you with that. Also, you need to count with a future change in website design, so do not use too much markup, only basic tags.

Does MongoDB use JSON data types?

No. MongoDB uses BSON (Binary JSON), which has been extended to add some optional non-JSON-native data types such as dates and binary data. JSON is converted to BSON to be stored in MongoDB and converted back to JSON when retrieved from the database.

What kind of data can be stored in MongoDB?

Since MongoDB stores the data in BSON ( Binary JSON ), you can easily store and retrieve all your data in JSON format. MongoDB also lets you enforce a schema to validate your data and maintain a data structure.

How to save HTML form record to MongoDB?

For save HTML Form record to mongodb, you need to create HTML form in views folder file and define POST route in your index.js route file. Copy and Paste below html form code and route post method code : Create index.js file in Views Directory and copy and paste below code. <!-- Button -->

What is BSON in MongoDB?

Since MongoDB stores the data in BSON ( Binary JSON ), you can easily store and retrieve all your data in JSON format. MongoDB also lets you enforce a schema to validate your data and maintain a data structure. We will use MongoDB Atlas and MongoDB Compass to demonstrate how.


Video Answer


2 Answers

OK I seem to have found enough articles to conclude:

It's perfectly fine to store html fragments and files in MongoDB as standard utf-8 encoded strings with a few caveats: http://docs.mongodb.org/manual/faq/developers/#when-should-i-use-gridfs

like image 99
Max Hodges Avatar answered Oct 04 '22 00:10

Max Hodges


You can store it as regular text type of String but validate the HTML well before saving to the database. Here is an example using express-validator and sanitize-html

body('description').not().isEmpty().trim().isLength({ min: 3 }).customSanitizer(value => {     return sanitizeHtml(value, {         exclusiveFilter: (frame) => {             return frame.tag === 'script';         },         textFilter: (value) => {             return value.replace(/\\n|\s\s/g, "").trim()         }     }) }) 

Here i'm getting the HTML from user in description req.body.description and as you can see express-validator to validate for specific rules and sanitize-html to control what i need alongside the default options and i'm stripping script tags as well as new line characters and spaces. I hope that helps.

like image 45
Mohammed Ramadan Avatar answered Oct 03 '22 23:10

Mohammed Ramadan