0.3.1 • Published 7 years ago

mongo-interceptor v0.3.1

Weekly downloads
2
License
MIT
Repository
github
Last release
7 years ago

mongo-interceptor

MongoDB (String) intrusion detector

Build Status

Installation

Install with npm install --save mongo-interceptor

Usage

Require the package like you always do: var mongoInterceptor = require('mongo-interceptor');

Methods

check()

You can check any Object, Array, or String for "harmful" mongoDB operators by calling mongoInterceptor.checkStr(possibleNOSQLInjectionString) and you will get an object in return, which contains the following information:

  • escaped: The escaped String
  • isIntrusion: The Boolean to tell if any mongoDB operators where detected and escaped
  • injections: The [String] if found mongoDB operators

See the interceptor-tests for further information.

setReplacer()

By default, mongo-interceptor is using the underscore (_) to escape/replace found mongoDB operators, but you can set any other replacement String you like - excluding $ itself.

Properties

VERSION

Returns the actual VERSION of the library in use.

mongomongodbmongo-dbnosqlnosql-injectioninjectionowaspintrusion-detection
@infinitebrahmanuniverse/nolb-mongo-@everything-registry/sub-chunk-2197@zalastax/nolb-mongo-
0.3.1

7 years ago

0.3.0

7 years ago

0.2.0

7 years ago

0.1.0

7 years ago

0.0.1

7 years ago