Menu
Is it OK to store HTML in MongoDB? Are there disadvantages? Are there better alternatives?
I'm a bit new to JSON, but I'm planning migrate my WordPress site to a custom meteor/mongodb site.
In WordPress our "Posts" are essentially product records, and the "main content" is the product's description. These descriptions contain some HTML markup, such as "strong" tags, break tags, and href hyperlinks.
<p>Who hasn't wished for a mini-Roomba to handle the arduous task of cleaning their iPhone screen? Now your dreams have come true! See the Takara web page for a <a href="http://www.takaratomy.co.jp/products/automee/" title="automee s" target="_blank">demo video.</a><strong>Colors: </strong> White, Red, Orange and Blue Runs on a single AA battery.<br> 1,575 yen</p> Unlike XML, JSON lacks something like CDATA. Is it a bad idea to try and put HTML in my JSON-style doc description field? Are there special escape characters for doing this? Or should I store the HTML product description as a external, static file? Or are there other best practices?
{ '_id':'236', 'name':'Tokyo Marui M9A1 Gas Blow Back Airsoft Gun', 'description':'<p>html here?</p>', 'tags': ['toys','outdoors'] ... } Any tip, advice, links appreciated!
EDIT
Sample product description text added.
EDIT2
I found this stackoverflow article: How to store HTML data in MongoDB?
and another on google https://groups.google.com/forum/?fromgroups=#!topic/mongodb-user/HW5XB5yox20
They seem to say it should be fine. But there isn't much discussion, so just seeking more confirmation.
Edit3
additional reference https://groups.google.com/forum/?fromgroups=#!topic/mongodb-user/0m8KJ7mPWiQ
841
Yes, there is. It's not standard JavaScript, but there are a few OS commands built into the mongo shell, see "help admin".
Storing HTML code is fine. But if it is not from trusted source, you need to check it and allow a secure subset of markup only. HTML Tidy library will help you with that. Also, you need to count with a future change in website design, so do not use too much markup, only basic tags.
No. MongoDB uses BSON (Binary JSON), which has been extended to add some optional non-JSON-native data types such as dates and binary data. JSON is converted to BSON to be stored in MongoDB and converted back to JSON when retrieved from the database.
Since MongoDB stores the data in BSON ( Binary JSON ), you can easily store and retrieve all your data in JSON format. MongoDB also lets you enforce a schema to validate your data and maintain a data structure.
For save HTML Form record to mongodb, you need to create HTML form in views folder file and define POST route in your index.js route file. Copy and Paste below html form code and route post method code : Create index.js file in Views Directory and copy and paste below code. <!-- Button -->
Since MongoDB stores the data in BSON ( Binary JSON ), you can easily store and retrieve all your data in JSON format. MongoDB also lets you enforce a schema to validate your data and maintain a data structure. We will use MongoDB Atlas and MongoDB Compass to demonstrate how.
OK I seem to have found enough articles to conclude:
It's perfectly fine to store html fragments and files in MongoDB as standard utf-8 encoded strings with a few caveats: http://docs.mongodb.org/manual/faq/developers/#when-should-i-use-gridfs
99
You can store it as regular text type of String but validate the HTML well before saving to the database. Here is an example using express-validator and sanitize-html
body('description').not().isEmpty().trim().isLength({ min: 3 }).customSanitizer(value => { return sanitizeHtml(value, { exclusiveFilter: (frame) => { return frame.tag === 'script'; }, textFilter: (value) => { return value.replace(/\\n|\s\s/g, "").trim() } }) }) Here i'm getting the HTML from user in description req.body.description and as you can see express-validator to validate for specific rules and sanitize-html to control what i need alongside the default options and i'm stripping script tags as well as new line characters and spaces. I hope that helps.
45
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
