click-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Malcolm Edgar <malcolm.ed...@gmail.com>
Subject Re: How sure is Click agains SQL injections?
Date Mon, 29 Mar 2010 00:41:00 GMT
Hi George,

Click does not provide any specific facilities to prevent SQL
injection attacks, as this is an application domain requirement.

To manage this issue I would recommend using the facilities of an ORM,
and potentially a application level Filter strip dangerous characters,
or to reject these requests.

regards Malcolm Edgar

On Mon, Mar 29, 2010 at 12:30 AM, georgex <george.stanx@yahoo.com> wrote:
>
> How sure is Click against SQL injections?
> I mean a typical Click application like Click-Examples - but without Spring
> (where the average programmer doesn't add an extra layer of checking - but
> it's using Click as default).
>
> Thanks,
> George.
> --
> View this message in context: http://n2.nabble.com/How-sure-is-Click-agains-SQL-injections-tp4813027p4813027.html
> Sent from the click-development mailing list archive at Nabble.com.
>

Mime
View raw message