Re: Protecting a web app from Postgresql injection
| От | Josh |
|---|---|
| Тема | Re: Protecting a web app from Postgresql injection |
| Дата | |
| Msg-id | alpine.LRH.1.00.0801301724560.19793@home-av-server.home-av обсуждение исходный текст |
| Ответ на | Protecting a web app from Postgresql injection (Mary Anderson <maryfran@demog.berkeley.edu>) |
| Список | pgsql-novice |
Mary, Are you using parameter substitution in your queries? That is the best way to protect against these kinds of attacks. What language are you using? We can provide examples of this if you'd like. Cheers, -Josh On Wed, 30 Jan 2008, Mary Anderson wrote: > Date: Wed, 30 Jan 2008 13:48:59 -0800 > From: Mary Anderson <maryfran@demog.berkeley.edu> > To: pgsql-novice@postgresql.org > Subject: [NOVICE] Protecting a web app from Postgresql injection > > Hi all, > I have a web app I would like to protect against postgreSQL injection. > What characters should I be on the lookout for? Any Any suggestions for > enhancing the security of my app are welcome. > > Mary Anderson > > ---------------------------(end of broadcast)--------------------------- > TIP 6: explain analyze is your friend > >
В списке pgsql-novice по дате отправления: