codequest
asked on
Xml Import security asp.net
I've got an asp.net program that will create a data set, and then converted to XML, and download it. I then want to be able to re-import it, and reload the data set to the database.
If I encrypt it, and put a checksum on it, would it be relatively safe from having a sql injection attack built into it between export and import?
If I didn't encrypt it, how might I check it for sql injection attack, considering that it would have unstructured text phrases as part of its content?
If I encrypt it, and put a checksum on it, would it be relatively safe from having a sql injection attack built into it between export and import?
If I didn't encrypt it, how might I check it for sql injection attack, considering that it would have unstructured text phrases as part of its content?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SQL injection is normally done via http url manipulation and the non checking/validation of user input
Hi,
Maybe his expression is not the right one "SQL Injuction", but what I understand he is afraid of playing with exported xml file before next import, and this file contains data set structure and data.
codequest, correct me if I am wrong.
Maybe his expression is not the right one "SQL Injuction", but what I understand he is afraid of playing with exported xml file before next import, and this file contains data set structure and data.
codequest, correct me if I am wrong.
ASKER
Thanks for input.
ASKER
your questions helped me think it through