Skip to Content
0

Hiding the Odata service parameters

May 11 at 06:43 PM

47

avatar image
Former Member

Hi Friends,

I have created a oData Service for a Calculation view with Parameters like as shown below

https://Server:Portnumber//TEST/sd/Ship.xsodata/InputParams(IP_START_DATE='20180507',IP_START_TIME='010000',IP_END_TIME='020000')/Execute?$format=json&

We want to call this URL from front end system or from a Raspberry Pi , Is there an option in XS Service to expose the service without exposing the Parameters, just for security concern to avoid SQL Injection like those scenarios ?

Please let me know the options.

Thanks,

Gokul

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Best Answer
Thomas Jung
May 12 at 12:07 PM
2

The input parameters are part of the URL. That's the way OData works. It is HTTP based and uses the URL as such. There's no "hiding" URL parameters really. The parameters are checked for SQL Injection within the OData service framework on the server side.

Share
10 |10000 characters needed characters left characters exceeded