node-red-contrib-sqlstring

0.1.1 • Public • Published

node-red-contrib-sqlstring

A Node-RED node for formatting SQL-Queries to avoid SQL-Injections.

screenshot

The commonly used node-red-node-mysql allows SQL-Injections (one of most common security risks for web applications).

SQL-Queries with user provided variables, have to be secured.

The sqlstring-format node creates SQL-Queries and escapes provided variables.

The escaping is performed with: https://github.com/mysqljs/sqlstring (library with 500k downloads per week)

Example

example-flow example-properties

Package Sidebar

Install

npm i node-red-contrib-sqlstring

Weekly Downloads

25

Version

0.1.1

License

MIT

Unpacked Size

83.1 kB

Total Files

8

Last publish

Collaborators

  • julius_eckert