How can I prevent JavaScript NoSQL injections into MongoDB?
I am working on a Node.js application and I am passing req.body
, which is a json object, into the mongoose model's save function. I thought there were safeguards behind the scenes, but this doesn't appear to be the case.