If I make a simple function that gets called from the client and returns matching items in a collection, how do I have to sanitize the user input? I'm not so much into JavaScript so I don't really know the possibilities, like how can I guarantee the query parameter is a string, and how do I have to sanitize it before calling the collection.find function? Since it's a public Realm function, users will be able to call it with any type of parameter.
exports = async function(query){
    ...
    let res = await userCollection.find({'title': {'$regex': query, '$options': 'i'}})
    ...
    return result;
}
Thanks in advance!!
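One way to handle the input before it reaches `$regex`, as an added example that is not part of the original post: check the type, bound the length, and escape regex metacharacters so the text is matched literally. The helper names (`escapeRegex`, `buildTitleFilter`, `searchTitles`) and the 64-character limit are assumptions; `userCollection` is the collection handle from the question.

```javascript
// Added example: input handling for a public function that feeds $regex.
const MAX_QUERY_LENGTH = 64; // assumed limit; tune it for your titles

// Escape every character that has special meaning in a regular expression,
// so the caller's text is treated as a literal substring, not a pattern.
function escapeRegex(text) {
  return text.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Validate the caller-supplied argument and build the filter document.
// Throws instead of querying when the input is not acceptable.
function buildTitleFilter(query) {
  // A client can send any JSON value. Anything that is not a primitive
  // string (object, array, number, null) is rejected here, so it can never
  // be interpreted as part of the query document.
  if (typeof query !== "string") {
    throw new TypeError("query must be a string");
  }
  const trimmed = query.trim();
  // An empty pattern would match every document; an unbounded one invites
  // expensive regex evaluation on the server.
  if (trimmed.length === 0 || trimmed.length > MAX_QUERY_LENGTH) {
    throw new RangeError(`query must be 1-${MAX_QUERY_LENGTH} characters`);
  }
  return { title: { $regex: escapeRegex(trimmed), $options: "i" } };
}

// Hypothetical wrapper: inside the Realm function body you would call
//   return searchTitles(userCollection, query);
async function searchTitles(collection, query) {
  const filter = buildTitleFilter(query);
  return collection.find(filter).toArray();
}
```

A case-insensitive, unanchored `$regex` cannot use an index efficiently, so the length limit also helps keep the cost of each call bounded.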