The XML Factor

Guardado en:

Bibliografiske detaljer
Udgivet i:	Network Computing vol. 15, no. 11 (Jun 10, 2004), p. 79-81
Hovedforfatter:	MacVittie, Lori
Udgivet:	Informa
Fag:	United States > US Enterprisewide computing Web services Extensible Markup Language Standards Systems management Servers Digital signatures Alliances Cybersecurity Documents Computer Oriented Programs Personality Networks
Online adgang:	Citation/Abstract Full Text + Graphics Full Text - PDF
Tags:	Tilføj Tag Ingen Tags, Vær først til at tagge denne postø!

Beskrivelse
Resumen:	SQL Injection is a common Web application attack, and XML is vulnerable to it as well. Validating your incoming XML documents against XML schema doesn't necessarily prevent this attack. That's because the type "xsdistring" does not preclude special characters and specific SQL keywords that are, after all, of the correct type. To prevent ISO character sets from being exploited, declare the ISO character set you're using for translating Unicode input into ASCII.
ISSN:	1046-4468 0743-9504 0892-2802
Fuente:	ABI/INFORM Global