SQL injection protection when using NetWeaver Odat...

Hi All,

Here is my issue : We are trying to access Odata services, defined in Netweaver Gateway, through a DMZ. But, to prevent SQL injection, the quote character has been forbidden on the DMZ at Siteminder level, preventing also some of our Odata request to be performed. We have requested to allow the quote character, but questions arise about SQL injection protection without this security level.

Questions are:

Is SQL injection a risk in this context?
Is there a mean to manage protection against SQL injection at Netweaver Gateway level?

Many thanks for your help.

Nicolas Rouquette

SAP Managed Tags:
NW ABAP Gateway (OData)

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Accepted Solutions (0)

Answers (0)

Ask a Question

Top Q&A Solution Author

User

Count

SQL injection protection when using NetWeaver Odata through DMZ

Accepted Solutions (0)

Answers (0)

Re: advance Data action to link two dimensions

Re: DRC e-Document in TURKEY Retrieve eInvoice Use...

Re: FCO-00011 The step start with step key |NW_ABA...

Re: Building custom app at SAP S/4 public cloud

Re: is it possible to fetch the binary data of par...