Select to view content in your preferred language

REST where clause and SQL Injection

3605
1
12-17-2010 05:28 AM
JonathanBaier
Emerging Contributor
I'm trying to determine how safe it is to publish REST services for mash-up consumption. Specifically I am wondering if the WHERE clause for querying is vulnerable to any kind of SQL Injection attack?

Thanks in advance!
0 Kudos
1 Reply
nicogis
MVP Alum
There are the patches on sql injection: http://support.esri.com/zh-cn/knowledgebase/techarticles/detail/40677 .

However I advise use ags 10.2 or superior why ArcGIS Server includes a security option that forces developers to use standardized SQL queries (for details: http://resources.arcgis.com/en/help/main/10.2/index.html#//015400000641000000 )
0 Kudos