Skip to Content
avatar image
Former Member

Hiding the Odata service parameters

Hi Friends,

I have created a oData Service for a Calculation view with Parameters like as shown below

https://Server:Portnumber//TEST/sd/Ship.xsodata/InputParams(IP_START_DATE='20180507',IP_START_TIME='010000',IP_END_TIME='020000')/Execute?$format=json&

We want to call this URL from front end system or from a Raspberry Pi , Is there an option in XS Service to expose the service without exposing the Parameters, just for security concern to avoid SQL Injection like those scenarios ?

Please let me know the options.

Thanks,

Gokul

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    May 12 at 12:07 PM

    The input parameters are part of the URL. That's the way OData works. It is HTTP based and uses the URL as such. There's no "hiding" URL parameters really. The parameters are checked for SQL Injection within the OData service framework on the server side.

    Add comment
    10|10000 characters needed characters exceeded