1
00:00:02,180 --> 00:00:04,380
Now, we did learn about SQL injection

2
00:00:04,380 --> 00:00:05,710
in the last lecture.

3
00:00:05,710 --> 00:00:09,570
I also briefly wanna talk about NoSQL injection.

4
00:00:09,570 --> 00:00:11,970
It's a bit more difficult to do

5
00:00:11,970 --> 00:00:13,710
because out of the box,

6
00:00:13,710 --> 00:00:17,160
you have a pretty good protection against NoSQL injection,

7
00:00:17,160 --> 00:00:21,720
and you need to write more advanced NoSQL code

8
00:00:21,720 --> 00:00:25,500
on the server-side to open up vulnerabilities,

9
00:00:25,500 --> 00:00:28,383
especially when working with Node and MongoDB.

10
00:00:29,440 --> 00:00:32,860
Still, NoSQL injection can be a thing

11
00:00:32,860 --> 00:00:36,760
if your NodeJS Mongo DB code is a bit more advanced

12
00:00:36,760 --> 00:00:37,800
on the service-side.

13
00:00:37,800 --> 00:00:41,430
And therefore, if you search for Node NoSQL injection,

14
00:00:41,430 --> 00:00:44,210
you will also find some articles on that,

15
00:00:44,210 --> 00:00:45,800
which do explain

16
00:00:45,800 --> 00:00:49,370
how you could have NoSQL injection vulnerabilities

17
00:00:49,370 --> 00:00:52,970
in your application and in your website.

18
00:00:52,970 --> 00:00:54,070
But out of the box,

19
00:00:54,070 --> 00:00:58,500
if you are working with basic NoSQL and MongoDB queries,

20
00:00:58,500 --> 00:01:00,810
as we did it thus far in the course

21
00:01:00,810 --> 00:01:03,710
and as you will be doing it in most websites,

22
00:01:03,710 --> 00:01:06,870
you have great protection out of the box.

23
00:01:06,870 --> 00:01:09,080
That's just what I wanted to share on that.

24
00:01:09,080 --> 00:01:10,600
But definitely check out

25
00:01:10,600 --> 00:01:13,930
those Node NoSQL injection resources as well

26
00:01:13,930 --> 00:01:17,313
as you're diving deeper and deeper into web development.