Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
Preventing Injection attacks
Message
De
22/08/2008 12:55:58
Craig Berntson
Quicken Loans
Salt Lake City, Utah, États-Unis
 
 
À
22/08/2008 12:46:05
Naomi Nosonovsky
Wisconsin, États-Unis
Information générale
Forum:
Microsoft SQL Server
Catégorie:
Autre
Titre:
Re: Preventing Injection attacks
Versions des environnements
SQL Server:
SQL Server 2005
Divers
Thread ID:
01341172
Message ID:
01341178
Vues:
17
This message has been marked as a message which has helped to the initial question of the thread.
Use stored procs as the first defense.

>Hi everybody,
>
>I'm thinking, that instead of trying to intercept every request we may try to use UPDATE/INSERT triggers for every table and reject entries contaning < script > Does it sound like a better approach?
>
>What do you think?
>
>Thanks in advance.
Craig Berntson
MCSD, Microsoft .Net MVP, Grape City Community Influencer
Précédent
Suivant
Répondre
Fil
Voir

Click here to load this message in the networking platform