https://github.com/yisbug/mongodb-avoid-inject

mongodb inject check.
https://github.com/yisbug/mongodb-avoid-inject

Last synced: 4 months ago
JSON representation

mongodb inject check.

• Host: GitHub
• URL: https://github.com/yisbug/mongodb-avoid-inject
• Owner: yisbug
• Created: 2015-03-19T01:27:26.000Z (about 11 years ago)
• Default Branch: master
• Last Pushed: 2017-01-14T03:24:13.000Z (over 9 years ago)
• Last Synced: 2025-10-21T11:54:35.113Z (8 months ago)
• Language: CoffeeScript
• Homepage:
• Size: 7.81 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
### mongodb防注入

之前没有关注到mongodb注入问题，临时解决办法，检验请求中所有关键词。

以后有空再单独研究一下mongodb防注入问题。

### 安装

    npm install mongodb-avoid-inject

### 使用

需要`restify.bodyParser()`和`restify.queryParser()`

``` coffee

restify = require 'restify'

server = restify.createServer()

server.use restify.bodyParser mapParams:false

server.use restify.queryParser()

server.use require 'mongodb-avoid-inject'

```

如果请求包含关键词则返回http 400错误。