Waiting for validation
Which vulnerability remains despite escaping the single quotes?
app.get('/products', (req, res) => {
  const category = req.query.category.replace(/'/g, "''");
  const query = `SELECT * FROM products WHERE category = '${category}' AND active = 1`;
  db.execute(query, (err, result) => {
    res.send(result);
  });
});
Author: WeLoveDevs