GitHub - yisbug/mongodb-avoid-inject: mongodb inject check.

mongodb防注入

之前没有关注到mongodb注入问题，临时解决办法，检验请求中所有关键词。

以后有空再单独研究一下mongodb防注入问题。

安装

npm install mongodb-avoid-inject

使用

需要restify.bodyParser()和restify.queryParser()

restify = require 'restify'
server = restify.createServer()
server.use restify.bodyParser mapParams:false
server.use restify.queryParser()
server.use require 'mongodb-avoid-inject'

如果请求包含关键词则返回http 400错误。

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
coffee		coffee
lib		lib
test		test
.gitignore		.gitignore
Gruntfile.coffee		Gruntfile.coffee
README.md		README.md
index.js		index.js
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

mongodb防注入

安装

使用

About

Uh oh!

Releases

Packages

Uh oh!

Languages

yisbug/mongodb-avoid-inject

Folders and files

Latest commit

History

Repository files navigation

mongodb防注入

安装

使用

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Packages