Re: Mongo: avoid injection attach - RejectedSoftware Forums

Posted Thu, 29 Dec 2016 02:47:42 GMT in reply to Carl Sturtivant

On Thu, 29 Dec 2016 02:46:34 GMT, Carl Sturtivant wrote:

Is this a do-it-yourself situation, or is there some canned machinery to sanitize client-communicated text for use as string values in mongodb queries. In fact, what's the best way to do this?

Oops: title of thread should be "attack" not "attach".