mongo-sanitize
DefinitelyTyped icon, indicating that this package has TypeScript declarations provided by the separate @types/mongo-sanitize package

1.1.0 • Public • Published

mongo-sanitize

For the passionately lazy, a standalone module that sanitizes inputs against query selector injection attacks:

var sanitize = require('mongo-sanitize');

// The sanitize function will strip out any keys that start with '$' in the input,
// so you can pass it to MongoDB without worrying about malicious users overwriting
// query selectors.
var clean = sanitize(req.params.username);

Users.findOne({ name: clean }, function(err, doc) {
  // ...
});

If sanitize() is passed an object, it will mutate the original object.

Package Sidebar

Install

npm i mongo-sanitize

Weekly Downloads

18,762

Version

1.1.0

License

MIT

Unpacked Size

5.3 kB

Total Files

6

Last publish

Collaborators

  • vkarpov15