Answer the question
In order to leave comments, you need to log in
Mongoose - how is data cleaning implemented?
Please tell me, before sending queries to Mongodb through Mongoose, do I need to filter data from the user? Or does it filter everything itself just before sending the query to Mongodb?
Answer the question
In order to leave comments, you need to log in
In theory, you need to filter and validate everything that comes from the user.
It's not even about safety.
In practice, of course, it depends on your request, but even in a good scenario, sooner or later, when incorrect data is received, some strange mongo error will come out - something like parseError stackoverflow.com/questions/19546561/node-mongodb-... to catch which will be long, painful and insulting :-)
And when prevalidating, you will immediately have an answer to the question of who and why, and most importantly where you entered incorrect data.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question