REST API vs SQL INJECTION

General discussion of Mantis.

Moderators: Developer, Contributor

Post Reply
Joterini
Posts: 4
Joined: Apr 23, 2018 7:18 am

REST API vs SQL INJECTION

Post by Joterini »

Hi,

Quick question, if i`m using rest api and php to create issuses, should i santitize data before send to api or mantis do this on his own? Does mantis use PDO or something similar?

Thanks!

tookei
Posts: 10
Joined: Feb 02, 2019 3:37 pm
Contact:

Re: REST API vs SQL INJECTION

Post by tookei »

IMO, REST API should do the job. If you go for SQL Injection, you would need to clean your data

vboctor
Site Admin
Posts: 1289
Joined: Feb 13, 2005 5:11 pm
Location: Redmond, Washington
Contact:

Re: REST API vs SQL INJECTION

Post by vboctor »

You shouldn’t sanitize the data. This will be handled by REST APi. You should just make sure they are sending valid requests with valid JSON.

Thanks,
-Victor
Migrate your MantisBT to the MantisHub Cloud

Post Reply