Open RoguedBear opened 1 year ago
parsing query param: https://github.com/ljharb/qs
but... escape/sanitise $where queries to prevent MongoDB query injection?
or only allow whitelist of operators: https://stackoverflow.com/questions/37709927/how-to-filter-a-query-string-with-comparison-operators-in-express
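
A sketch of the operator-allowlist option, as an added example that is not part of the original issue or the project's code. It takes the object shape `qs.parse()` produces for bracket syntax; the field names, the operator set and the sample inputs are assumptions.

```javascript
// Added example. ALLOWED_FIELDS and ALLOWED_OPERATORS are assumptions; adapt to your schema.
// Input is the object shape qs.parse() yields for bracket syntax, e.g.
// "price[$gt]=10" -> { price: { $gt: '10' } }.
const ALLOWED_FIELDS = new Set(['name', 'price', 'category']);
const ALLOWED_OPERATORS = new Set(['$eq', '$ne', '$gt', '$gte', '$lt', '$lte', '$in']);

function sanitizeCondition(field, value) {
  // A bare string becomes an explicit equality match.
  if (typeof value === 'string') return { $eq: value };
  if (value === null || typeof value !== 'object' || Array.isArray(value)) {
    throw new Error(`unsupported value for ${field}`);
  }
  const cond = {};
  for (const [op, operand] of Object.entries(value)) {
    // Anything outside the allowlist ($where, $regex, $expr, ...) is rejected.
    if (!ALLOWED_OPERATORS.has(op)) throw new Error(`operator not allowed: ${op}`);
    const ok = op === '$in'
      ? Array.isArray(operand) && operand.every((x) => typeof x === 'string')
      : typeof operand === 'string';
    // Operands must be plain strings, so operators cannot be nested inside them.
    if (!ok) throw new Error(`bad operand for ${field}.${op}`);
    cond[op] = operand;
  }
  return cond;
}

function buildFilter(parsed) {
  const filter = {};
  for (const [field, value] of Object.entries(parsed)) {
    // Top-level keys such as "$where" or "$or" are not fields and fail here.
    if (!ALLOWED_FIELDS.has(field)) throw new Error(`field not allowed: ${field}`);
    filter[field] = sanitizeCondition(field, value);
  }
  return filter;
}

// Constructed sample inputs (not from the issue).
const samples = [
  { name: 'widget', price: { $gt: '10', $lte: '50' } },
  { price: { $where: 'this.price > 0' } },
  { $where: 'true' },
];
for (const s of samples) {
  try { console.log(JSON.stringify(buildFilter(s))); }
  catch (e) { console.log('rejected:', e.message); }
}
```

Operands stay strings here; cast them to the schema's types before passing the filter to the driver.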