Welcome to the InfoSci Platform
Prevention of SQL Injection Attacks in Web Browsers

Prevention of SQL Injection Attacks in Web Browsers

Kannan Balasubramanian
Copyright: © 2018 |Pages: 35
ISBN13: 9781522534228|ISBN10: 1522534229|EISBN13: 9781522534235
DOI: 10.4018/978-1-5225-3422-8.ch052
Cite Chapter Cite Chapter

MLA

Balasubramanian, Kannan. "Prevention of SQL Injection Attacks in Web Browsers." Application Development and Design: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, IGI Global, 2018, pp. 1240-1274. https://doi.org/10.4018/978-1-5225-3422-8.ch052

APA

Balasubramanian, K. (2018). Prevention of SQL Injection Attacks in Web Browsers. In I. Management Association (Ed.), Application Development and Design: Concepts, Methodologies, Tools, and Applications (pp. 1240-1274). IGI Global. https://doi.org/10.4018/978-1-5225-3422-8.ch052

Chicago

Balasubramanian, Kannan. "Prevention of SQL Injection Attacks in Web Browsers." In Application Development and Design: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, 1240-1274. Hershey, PA: IGI Global, 2018. https://doi.org/10.4018/978-1-5225-3422-8.ch052

Export Reference

Mendeley
Favorite

Abstract

Applications that operate on the Web often interact with a database to persistently store data. For example, if an e-commerce application needs to store a user's credit card number, they typically retrieve the data from a Web form (filled out by the customer) and pass that data to some application or script running on the company's server. The dominant language that these database queries are written in is SQL, the Structured Query Language. Web applications can be vulnerable to a malicious user crafting input that gets executed on the server. One instance of this is an attacker entering Structured Query Language (SQL) commands into input fields, and then this data being used directly on the server by a Web application to construct a database query. The result could be an attacker's gaining control over the database and possibly the server. Care should be taken to validate user input on the server side before user data is used.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.