[TinyOWS-dev] [tinyows] #30: Lierals in filter encoding and validation to know if it is a text or not
tinyows
trac at camptocamp.com
Wed Apr 22 17:27:07 EST 2009
#30: Lierals in filter encoding and validation to know if it is a text or not
-----------------------------+----------------------------------------------
Reporter: assefa | Owner: assefa
Type: enhancement | Status: assigned
Priority: minor | Version: SVN
Resolution: | Keywords: filter literal regex
Stage: Unreviewed | Approval: Unnecessary
Patch: None | Complexity: Unknown
Compatibility: Unknown | Specification: Unnecessary
-----------------------------+----------------------------------------------
Changes (by assefa):
* owner: => assefa
* status: new => assigned
Comment:
Sorry for the delay on this one. I committed a 'partial' fix allowing to
detect if a value passed is numeric (r134)
I was not sure exactly what should be done to prevent any SQL injection or
even if it has to be done only here . Here is an interesting read about
this http://www.securityfocus.com/infocus/1768. Maybe we should close this
bug and open a specific bug on the SQL injection?
--
Ticket URL: <https://www.tinyows.org/trac/tinyows/ticket/30#comment:2>
tinyows <https://www.tinyows.org/trac/tinyows>
TinyOWS
More information about the TinyOWS-dev
mailing list