search

JKHeadley / rest-hapi

🚀 A RESTful API generator for Node.js
https://resthapi.com
MIT License
1.19k stars 153 forks source link

config.enableWhereQueries should be false by default #218

Closed JKHeadley closed 4 years ago

JKHeadley commented 4 years ago

Allowing $where queries is a useful feature for quick prototyping but comes with security implications and therefore should be disabled by default.