Mitigate Injection Attacks in NoSQL Databases
MongoDB and CouchDB[37] are widely used alternatives to relational databases when building Node.js applications. They donât use a query language like SQL for mapping the dataâhence the name NoSQL. Instead they have their own methods and queries. You may now think that using NoSQL means SQL injection is not a problem for you. Alas, that isnât quite true.
Strictly speaking, SQL injection doesnât affect NoSQL databases. The thing is, SQL injection isnât the only form of database injection, and there are other ways to inject commands despite not using the traditional SQL syntax. These NoSQL injection attacks execute within a procedural language rather than in the declarative SQL language, so ...
Get Secure Your Node.js Web Application now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.