REST API vs SQL INJECTION

General discussion of Mantis.

Moderators: Developer, Contributor

Post Reply
Joterini
Posts: 4
Joined: 23 Apr 2018, 12:18

REST API vs SQL INJECTION

Post by Joterini »

Hi,

Quick question, if i`m using rest api and php to create issuses, should i santitize data before send to api or mantis do this on his own? Does mantis use PDO or something similar?

Thanks!
tookei
Posts: 10
Joined: 02 Feb 2019, 20:37
Contact:

Re: REST API vs SQL INJECTION

Post by tookei »

IMO, REST API should do the job. If you go for SQL Injection, you would need to clean your data
vboctor
Site Admin
Posts: 1293
Joined: 13 Feb 2005, 22:11
Location: Redmond, Washington
Contact:

Re: REST API vs SQL INJECTION

Post by vboctor »

You shouldn’t sanitize the data. This will be handled by REST APi. You should just make sure they are sending valid requests with valid JSON.

Thanks,
-Victor
Migrate your MantisBT to the MantisHub Cloud
Post Reply