Prevention of SQL Injection Attacks in Web Browsers

Copyright: © 2016 | Pages: 35
ISBN13: 9781522502739 | ISBN10: 1522502734 | EISBN13: 9781522502746
DOI: 10.4018/978-1-5225-0273-9.ch011

MLA

Balasubramanian, Kannan. "Prevention of SQL Injection Attacks in Web Browsers." Cryptographic Solutions for Secure Online Banking and Commerce, edited by Kannan Balasubramanian, et al., IGI Global, 2016, pp. 174-208. https://doi.org/10.4018/978-1-5225-0273-9.ch011

APA

Balasubramanian, K. (2016). Prevention of SQL Injection Attacks in Web Browsers. In K. Balasubramanian, K. Mala, & M. Rajakani (Eds.), Cryptographic Solutions for Secure Online Banking and Commerce (pp. 174-208). IGI Global. https://doi.org/10.4018/978-1-5225-0273-9.ch011

Chicago

Balasubramanian, Kannan. "Prevention of SQL Injection Attacks in Web Browsers." In Cryptographic Solutions for Secure Online Banking and Commerce, edited by Kannan Balasubramanian, K. Mala, and M. Rajakani, 174-208. Hershey, PA: IGI Global, 2016. https://doi.org/10.4018/978-1-5225-0273-9.ch011

Abstract

Applications that operate on the Web often interact with a database to persistently store data. For example, if an e-commerce application needs to store a user's credit card number, it typically retrieves the data from a Web form (filled out by the customer) and passes that data to some application or script running on the company's server. The dominant language in which these database queries are written is SQL, the Structured Query Language. Web applications can be vulnerable to a malicious user crafting input that gets executed on the server. One instance of this is an attacker entering SQL commands into input fields, after which a Web application uses this data directly on the server to construct a database query. The result could be an attacker gaining control over the database and possibly the server. Care should be taken to validate user input on the server side before user data is used.
