Skip to content

herom/mongo-interceptor

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
lib
lib
 
 
test
test
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package.json
package.json
 
 

Repository files navigation

mongo-interceptor

MongoDB (String) intrusion detector

Build Status

Installation

Install with npm install --save mongo-interceptor

Usage

Require the package like you always do: var mongoInterceptor = require('mongo-interceptor');

Methods

check()

You can check any Object, Array, or String for "harmful" mongoDB operators by calling mongoInterceptor.checkStr(possibleNOSQLInjectionString) and you will get an object in return, which contains the following information:

  • escaped: The escaped String
  • isIntrusion: The Boolean to tell if any mongoDB operators where detected and escaped
  • injections: The [String] if found mongoDB operators

See the interceptor-tests for further information.

setReplacer()

By default, mongo-interceptor is using the underscore (_) to escape/replace found mongoDB operators, but you can set any other replacement String you like - excluding $ itself.

Properties

VERSION

Returns the actual VERSION of the library in use.

About

MongoDB (String) intrusion detector

Topics

mongodb escape intrusion-detector mongo-interceptor

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

5 tags

Packages

No packages published

Languages