Answer the question
In order to leave comments, you need to log in
M
M
masimka2015-11-04 00:04:29
masimka, 2015-11-04 00:04:29
Mongodb and security, how is it implemented?
Greetings to the knowing luminaries.
Please enlighten me or point me in the right direction.
How is security implemented in Mongodb?
When working, it screens the data itself and displays them no longer screened or translated into html entities, while pieces of Java script code are not executed.
Tried to slip in insert xss scripts from an Internet, they did not work out at an output.
Are there other options?
Thankful.
2 answer(s)
@lega
@mourr
They did not work, not because your Mongodb is very secure, but because most likely CSP is enabled in the browser (and it may not be enabled for everyone). And yes, the speaker above is completely right, you need to escape and clear the lines at the stage of output / rendering of the template
L
lega, 2015-11-04 @lega
What you put in the base is what you take.
Render should be responsible for xss.
M
Mark Doe, 2015-11-04 @mourr
Tried to slip in insert xss scripts from an Internet, they did not work out at an output.
They did not work, not because your Mongodb is very secure, but because most likely CSP is enabled in the browser (and it may not be enabled for everyone). And yes, the speaker above is completely right, you need to escape and clear the lines at the stage of output / rendering of the template
Similar questions
M
A
V
A
U
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question