This express module detects sql injection attacks and stops them by sending 403 as response. The module checks the query string, route params, and body for any sql injection related content.
var app = express();
var sqlinjection = require('sql-injection');
app.use(sqlinjection);$ npm install sql-injection
code example:
var express = require('express');
var sqlinjection = require('sql-injection');
var app = express();
app.configure(function() {
app.use(sqlinjection); // add sql-injection middleware here
});
app.get('/route1', function(req, res) {
res.send(200, {});
});
app.get('/route2/:uid', function(req, res) {
res.send(200, {});
});
app.post('/route3', function(req, res) {
res.send(200, {});
});
app.listen(3000);