Releases: fiznool/express-mongo-sanitize
Releases · fiznool/express-mongo-sanitize
v2.2.0
14 Jan 11:14
Compare
Sorry, something went wrong.
No results found
Added
New config
option:
allowDots
boolean: if set, allows dots in the user-supplied data #41
Fixed
Prevent null pointer exception when using dryRun
option #88
v2.1.0
11 May 15:50
Compare
Sorry, something went wrong.
No results found
Added
New config
options:
onSanitize
callback: this will be called after the request's value was sanitized, with two named parameters: the key
that was sanitized, and the raw req
object.
dryRun
boolean: if set, sanitization will not take place. Useful when combined with onSanitize
to report on the keys which would have been sanitized.
TypeScript types
Official support for node v16.
v2.0.2
07 Jan 10:59
Compare
Sorry, something went wrong.
No results found
Fixed
Fixed a prototype pollution security vulnerability. #34
Updated
v2.0.1
02 Dec 10:29
Compare
Sorry, something went wrong.
No results found
Updated
Update dependencies and test against node 14.
Changed
Use ESLint instead of JSHint for code linting.
Use GitHub Actions for CI instead of Travis.
v2.0.0
25 Mar 11:39
Compare
Sorry, something went wrong.
No results found
Added / Breaking
Support sanitization of headers. #5
Note that if you weren't previously expecting headers to be sanitized, this is considered a breaking change.
Breaking
Drop support for node versions < 10.
v1.3.2
12 Jan 20:10
Compare
Sorry, something went wrong.
No results found
Fixed
Fixed an issue when using the sanitizer in the node REPL. #3
v1.3.1
12 Jan 11:12
Compare
Sorry, something went wrong.
No results found
Fixed
Fixed an issue with objects containing prohibited keys nested inside other objects with prohibited keys. #2
Added a more robust check for plain objects.
v1.3.0
15 Jan 12:45
Compare
Sorry, something went wrong.
No results found
Added
A new function has
, which checks whether a passed object/array contains any keys with prohibited characters.
v1.2.0
13 Jan 12:09
Compare
Sorry, something went wrong.
No results found
Added
A new option replaceWith
which can be used to replace offending characters in a key. This is an alternative to removing the data from the payload.
v1.1.0
13 Jan 11:30
Compare
Sorry, something went wrong.
No results found
Added
The middleware also now sanitizes keys with a .
. This is in line with Mongo's reserved operators.