mongo-sanitize

For the passionately lazy, a standalone module that sanitizes inputs against query selector injection attacks:

var sanitize = require('mongo-sanitize');
 
// The sanitize function will strip out any keys that start with '$' in the input,
// so you can pass it to MongoDB without worrying about malicious users overwriting
// query selectors.
var clean = sanitize(req.params.username);
 
Users.findOne({ name: clean }, function(err, doc) {
  // ...
});

We ♥ your boss

Selectively mirror the npm registry inside your firewall. Filter packages based on security, licensing, code quality and more. Build awesome stuff faster. Try npm Enterprise for free…

how? learn more

vkarpov15 published 2014-09-04T21:33:38.374Z
1.0.0 is the latest release
MIT

Collaborators list

Stats

243 downloads in the last day
1344 downloads in the last week
6211 downloads in the last month

Try it out

Test mongo-sanitize in your browser.

Keywords

mongodb, sanitize, query, selector, injection, Petko

Dependencies

None

Dependents (8)

react-redux-node-mongodb, react-alt-node-mongodb, gramene-swagger, mcms-node-core, pagespace, vulcain-users, and more