Check Text Inputs for SQL Injection Attacks in Node.js
Despite a large majority of organizations reporting successful SQL injection attacks, this type of threat appears to be underestimated compared with other cyber-crimes. Standard firewalls may aim to protect your website or application from SQL injection, but when they fail, the result can be serious data damage or loss for your company. To address this gap in protection, we have developed an API that automatically detects SQL injection attacks in text input, and the following tutorial shows how to call it from Node.js.
First things first, we will run this command to install the SDK:
npm install cloudmersive-validate-api-client --save
Or, we can add this snippet to our package.json:
"dependencies": {
  "cloudmersive-validate-api-client": "^1.3.9"
}
Next, we can add the text input and API key, and specify our detection level (if desired), in the following code:
var CloudmersiveValidateApiClient = require('cloudmersive-validate-api-client');
var defaultClient = CloudmersiveValidateApiClient.ApiClient.instance;

// Configure API key authorization: Apikey
var Apikey = defaultClient.authentications['Apikey'];
Apikey.apiKey = 'YOUR API KEY';

var apiInstance = new CloudmersiveValidateApiClient.TextInputApi();

var value = "value_example"; // String | User-facing text input.

var opts = {
  // String | Set to Normal to target a high-security SQL Injection detection level
  // with a very low false positive rate; select High to target a very-high security
  // SQL Injection detection level with higher false positives.
  // Default is Normal (recommended).
  'detectionLevel': "Normal"
};

var callback = function(error, data, response) {
  if (error) {
    console.error(error);
  } else {
    // Serialize the result object so its fields are visible in the log
    console.log('API called successfully. Returned data: ' + JSON.stringify(data));
  }
};

apiInstance.textInputCheckSqlInjection(value, opts, callback);
If you don’t already have an API key, you can register for a free account on the Cloudmersive website; this will also give you access to 800 monthly calls across our library of APIs.
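The callback in the tutorial only logs what the API returns. As an added example (not Cloudmersive's code), the sketch below turns the same `textInputCheckSqlInjection` call into an allow/block decision that fails closed on API errors, malformed results and timeouts. The names `decide`, `checkInput`, `makeStubApi` and the `reason` strings are hypothetical, the `ContainedSqlInjectionAttack` result field is an assumption about the SDK's response model, and the stub is a constructed stand-in so the code runs offline.

```javascript
// Added example: fail-closed handling around textInputCheckSqlInjection.
// Assumption: the result object has a boolean ContainedSqlInjectionAttack
// field; confirm the name against the SDK version you install.
// Map one callback outcome to a decision. Only an explicit "no attack"
// result allows the input; errors and malformed results block it.
function decide(error, data) {
  if (error) return { allow: false, reason: 'api-error' };
  if (!data || typeof data.ContainedSqlInjectionAttack !== 'boolean') {
    return { allow: false, reason: 'malformed-result' };
  }
  return data.ContainedSqlInjectionAttack
    ? { allow: false, reason: 'sql-injection-detected' }
    : { allow: true, reason: 'clean' };
}

// Promise wrapper with a timeout so a hung call cannot stall the request.
// apiInstance is any object exposing the tutorial's textInputCheckSqlInjection.
function checkInput(apiInstance, value, opts, timeoutMs) {
  return new Promise(function (resolve) {
    var settled = false;
    function finish(decision) {
      if (settled) return;
      settled = true;
      clearTimeout(timer);
      resolve(decision);
    }
    var timer = setTimeout(function () {
      finish({ allow: false, reason: 'timeout' });
    }, timeoutMs);
    try {
      apiInstance.textInputCheckSqlInjection(value, opts, function (error, data) {
        finish(decide(error, data));
      });
    } catch (e) {
      finish({ allow: false, reason: 'api-error' });
    }
  });
}

// Constructed stand-in for the SDK client; verdicts are scripted, not detected.
function makeStubApi(script) {
  return {
    textInputCheckSqlInjection: function (value, opts, cb) {
      var s = script[value] || { error: new Error('unscripted input') };
      if (s === 'hang') return; // simulate a call that never returns
      setImmediate(function () { cb(s.error || null, s.data); });
    }
  };
}
```

With the real SDK, pass the tutorial's `apiInstance` as the first argument to `checkInput` in place of the stub.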