Secure Your Node.js Web Application by Karl Duuna

Identify Database Injection Points in Your Code

We briefly talked about database injection earlier. It’s a variation of code injection, but the intended target is the back-end database and not the application server. Let’s look at this widely used attack in detail and discuss ways to prevent it.

If an application has code injection issues, it means the application is not correctly validating all input fields on the site. The same thing applies to database injection. Attackers enter a series of database commands into the application’s input fields (such as a textbox in a blog’s comment form) to trick the application into executing the commands within the database. If the application builds its database queries by concatenating user input with ...
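The concatenation pattern described above, set beside a parameterized form, as an added example that is not taken from the book. The table name, function names and sample inputs are constructed for illustration, and the `?` placeholder style is an assumption that varies by database driver.

```javascript
// Added example: hypothetical names, constructed inputs, no database required.

// Vulnerable: user input is concatenated into the SQL text itself.
function buildConcatenated(author) {
  return "SELECT id, body FROM comments WHERE author = '" + author + "'";
}

// Hardened: the SQL text is fixed and the value travels separately,
// so the driver never parses user input as part of the statement.
function buildParameterized(author) {
  return {
    text: "SELECT id, body FROM comments WHERE author = ?",
    values: [author],
  };
}

// Reduce a statement to its skeleton by replacing each quoted string
// literal with a ? marker ('' counts as an escaped quote inside a literal).
function skeleton(sql) {
  return sql.replace(/'(?:[^']|'')*'/g, "?");
}

// True when the input changed the structure of the statement,
// not just a value inside it.
function structureChanged(builder, baselineInput, input) {
  const text = (q) => (typeof q === "string" ? q : q.text);
  return (
    skeleton(text(builder(baselineInput))) !== skeleton(text(builder(input)))
  );
}

// Constructed sample inputs for a comment form's "author" field.
const samples = ["alice", "O'Brien", "x' OR '1'='1"];

for (const input of samples) {
  console.log(JSON.stringify(input), {
    concatenated: structureChanged(buildConcatenated, "bob", input),
    parameterized: structureChanged(buildParameterized, "bob", input),
  });
}
```

Note that the ordinary name `O'Brien` also alters the concatenated statement: the same defect that permits injection breaks legitimate input.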
