Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
Preventing Injection attacks
Message
De
25/08/2008 15:50:26
Naomi Nosonovsky
Wisconsin, États-Unis
 
Information générale
Forum:
Microsoft SQL Server
Catégorie:
Autre
Titre:
Re: Preventing Injection attacks
Versions des environnements
SQL Server:
SQL Server 2005
Divers
Thread ID:
01341172
Message ID:
01341613
Vues:
11
>>Easy to say than do :) Though you can just test each Request. I played with this suggestion already, but I noticed slowness and also couple of our pages started to re-direct, so I removed some strings from the tested input...
>
>Then just do not allow these chars to be typed?

Not sure it would be easy using Regular Expressions validators, but we may play with this as well.
If it's not broken, fix it until it is.


My Blog
Précédent
Répondre
Fil
Voir

Click here to load this message in the networking platform