npm.io
0.19.0 • Published 3 weeks ago

@cd2/es-qu-el

Licence
MIT
Version
0.19.0
Deps
0
Size
73 kB
Vulns
0
Weekly
0

CircleCI

ES-QU-EL

yarn add @cd2/es-qu-el

Sanitizing using the SQL function

The SQL function will automatically escape any interpolated into the string.

import { SQL } from "@cd2/es-qu-el"

const userInput = `dangerous user input ' OR true; `

const sql = SQL`SELECT * FROM table WHERE thing=${userInput}`

A function can be interpolated which will get access to an object with many sanitizers:

const table = `my_table`

const sql = SQL`SELECT * FROM ${as => as.name(table)}`