A newer version of this documentation is available.

View Latest

User Input Validation

    User input should be validated by the client application, before the input is sent to Couchbase Server: this constitutes protection against malicious update, insertion, and erasure of data.

    Forms of Attack

    The following forms of attack, based on the manipulation of user input, should be anticipated:

    • Injecting arbitrary key-value pairs into an existing document.

    • Changing the user-specified document-type from private to public; and thereby increasing the possibility of illicit access.

    • Overriding important document-fields.

    For example, a malicious user might attempt to overwrite an existing password by generating the following JSON document:

    {"user": "will","password":"0asd21$1%", "created":"2012-06-12", "password":"password"}

    In this document, the first password-field contains 0asd21$1%, which is the intended value. Note however, that an additional password name-value pair has been concatenated onto the document-content. Submission of this modified document would result in the plain password value overwriting the earlier specified, intended password.

    Forms of Protection

    Malicious user-input is most effectively protected against by client applications that do not permit unconstrained document-configuration by users; and instead impose a more restrictive interface; whereby, for example, only specific values or name-value pairs are accepted, and are properly validated before dispatch. (A document-model featuring Java POJOs or .NET POCOs might be used for such purposes.)