Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Preventing Injection attacks
Message
From
25/08/2008 15:50:26
Naomi Nosonovsky
Wisconsin, United States
 
General information
Forum:
Microsoft SQL Server
Category:
Other
Title:
Re: Preventing Injection attacks
Environment versions
SQL Server:
SQL Server 2005
Miscellaneous
Thread ID:
01341172
Message ID:
01341613
Views:
10
>>Easy to say than do :) Though you can just test each Request. I played with this suggestion already, but I noticed slowness and also couple of our pages started to re-direct, so I removed some strings from the tested input...
>
>Then just do not allow these chars to be typed?

Not sure it would be easy using Regular Expressions validators, but we may play with this as well.
If it's not broken, fix it until it is.


My Blog
Previous
Reply
Map
View

Click here to load this message in the networking platform