[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Xml Import security asp.net

Posted on 2014-12-18
5
Medium Priority
?
209 Views
Last Modified: 2014-12-20
I've got an asp.net  program that will create a data set, and then converted to XML, and download it.  I then want to be able to re-import it, and reload the data set to the database.

If I encrypt it, and put a checksum on it, would it be relatively safe from having a sql injection attack built into it between export and import?

If I didn't encrypt it, how might I check it for sql injection attack, considering that it would have unstructured text phrases as part of its content?
0
Comment
Question by:codequest
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 12

Accepted Solution

by:
Ammar Gaffar earned 2000 total points
ID: 40506847
Hi,
Your question is so generic for me, so defiantly my generic answer is yes, encrypting file is an option, but it might be other solutions based on your business scenario.

I have some questions:
Who is using your asp.net? I mean here anonymous user or authenticated user?
What is your business scenario you need to apply this export and import functionality?
0
 
LVL 83

Expert Comment

by:David Johnson, CD, MVP
ID: 40506921
SQL injection is normally done via http url manipulation and the non checking/validation of user input
0
 
LVL 12

Expert Comment

by:Ammar Gaffar
ID: 40506939
Hi,
Maybe his expression is not the right one "SQL Injuction", but what I understand he is afraid of playing with exported xml file before next import, and this file contains data set structure and data.

codequest, correct me if I am wrong.
0
 
LVL 2

Author Comment

by:codequest
ID: 40506960
Thanks for input.
0
 
LVL 2

Author Closing Comment

by:codequest
ID: 40510790
your questions helped me think it through
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question