Posted to dev@olingo.apache.org by "Prashanth (JIRA)" <ji...@apache.org> on 2015/06/16 15:37:00 UTC

[jira] [Updated] (OLINGO-702) SQL Injection - Not validating 1=1 in filter query

     [ https://issues.apache.org/jira/browse/OLINGO-702?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Prashanth updated OLINGO-702:
-----------------------------
    Summary: SQL Injection - Not validating 1=1 in filter query  (was: SQL Injection - Not validating 1=1 in URI)

> SQL Injection - Not validating 1=1 in filter query
> --------------------------------------------------
>
>                 Key: OLINGO-702
>                 URL: https://issues.apache.org/jira/browse/OLINGO-702
>             Project: Olingo
>          Issue Type: Bug
>          Components: odata2-core, odata4-server
>            Reporter: Prashanth
>              Labels: filter
>
> I am trying to make a request with the following filter query option in the URI:
> http://host:8080/odata/odata.svc/Employees?$filter = Id eq 9000 or 1 eq 1
> The above request is giving all the entities (employee details), but Olingo needs to reject this as it includes 1 eq 1.
> Following is my perception. Please correct me if I am wrong in any way:
> Whenever a request URI includes a filter query option, Olingo validates the filter expression. While validating the filter query, it is checking the data type of values, i.e. in the above case, 9000 is the value for the property "Id". But if the left side operand is a literal, it should reject but fails to do so.
> What I am thinking here is that Olingo should reject the request if the left side operand is a literal and not a valid property name.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
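
The check the report asks for, as an added example that is not Olingo's code or parser: a validator for a small subset of `$filter` (comparisons joined by `and`/`or`, with integer and string literals) that rejects any comparison in which neither operand is a property, such as `1 eq 1`, rejects unknown properties, and type-checks each literal against the property it is compared with. The grammar, the `FilterRejected` exception and the `SCHEMA` for the Employees entity set are constructed for this example. It goes slightly beyond the report's proposal in that it rejects a constant-only comparison on either side, not only a literal on the left.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Union

# Subset of the OData $filter grammar handled here (constructed for this example):
#   <expr>    := <cmp> ( ("and" | "or") <cmp> )*
#   <cmp>     := <operand> ("eq"|"ne"|"gt"|"ge"|"lt"|"le") <operand>
#   <operand> := identifier | integer | 'string'
TOKEN_RE = re.compile(r"\s*(?:(\d+)|('(?:[^']|'')*')|([A-Za-z_][A-Za-z0-9_]*))")
COMPARISON_OPS = {"eq", "ne", "gt", "ge", "lt", "le"}
LOGICAL_OPS = {"and", "or"}


@dataclass(frozen=True)
class Literal:
    value: Union[int, str]


@dataclass(frozen=True)
class Property:
    name: str


@dataclass(frozen=True)
class Comparison:
    left: Union[Literal, Property]
    op: str
    right: Union[Literal, Property]


class FilterRejected(ValueError):
    """Raised for any filter the service must not execute."""


def tokenize(text: str) -> List[str]:
    # Anything outside the grammar (for example a bare "=" in "1=1") is a syntax error.
    tokens, pos, text = [], 0, text.strip()
    while pos < len(text):
        m = TOKEN_RE.match(text, pos)
        if not m:
            raise FilterRejected(f"unexpected character at offset {pos}")
        tokens.append(m.group(0).strip())
        pos = m.end()
    return tokens


def parse_operand(tok: str) -> Union[Literal, Property]:
    if tok.isdigit():
        return Literal(int(tok))
    if tok.startswith("'"):
        return Literal(tok[1:-1].replace("''", "'"))
    if tok.lower() in COMPARISON_OPS | LOGICAL_OPS:
        raise FilterRejected(f"operator {tok!r} where an operand was expected")
    return Property(tok)


def parse_filter(text: str) -> List[Comparison]:
    """Parse into a flat list of comparisons; the and/or connectors are checked
    syntactically but not modelled, because validation is done per comparison."""
    tokens, comparisons, i = tokenize(text), [], 0
    while True:
        if i + 3 > len(tokens):
            raise FilterRejected("incomplete comparison")
        left, op, right = tokens[i], tokens[i + 1].lower(), tokens[i + 2]
        if op not in COMPARISON_OPS:
            raise FilterRejected(f"expected comparison operator, got {op!r}")
        comparisons.append(Comparison(parse_operand(left), op, parse_operand(right)))
        i += 3
        if i == len(tokens):
            return comparisons
        if tokens[i].lower() not in LOGICAL_OPS:
            raise FilterRejected(f"expected 'and'/'or', got {tokens[i]!r}")
        i += 1


def validate_filter(text: str, schema: Dict[str, type]) -> List[Comparison]:
    """Accept a filter only if every comparison names a known property on at
    least one side and each literal matches that property's type. Returns the
    parsed comparisons so the caller builds its query from the AST, never from
    the raw string."""
    comparisons = parse_filter(text)
    for cmp in comparisons:
        operands = (cmp.left, cmp.right)
        props = [o for o in operands if isinstance(o, Property)]
        lits = [o for o in operands if isinstance(o, Literal)]
        if not props:
            # "1 eq 1" and friends: a constant-only comparison is a tautology or
            # contradiction, never a legitimate filter on the entity set.
            raise FilterRejected(f"comparison '{cmp.left.value} {cmp.op} {cmp.right.value}' has no property operand")
        for p in props:
            if p.name not in schema:
                raise FilterRejected(f"unknown property {p.name!r}")
            for lit in lits:
                if not isinstance(lit.value, schema[p.name]):
                    raise FilterRejected(f"literal {lit.value!r} does not match the type of {p.name!r}")
    return comparisons


def is_accepted(text: str, schema: Dict[str, type]) -> bool:
    try:
        validate_filter(text, schema)
        return True
    except FilterRejected:
        return False


# Constructed schema for the Employees entity set from the report.
SCHEMA: Dict[str, type] = {"Id": int, "Name": str}

if __name__ == "__main__":
    for f in ["Id eq 9000", "Id eq 9000 or 1 eq 1", "Id eq 9000 or 1=1", "Name eq 'Bob'"]:
        print(f"{f!r}: {'accepted' if is_accepted(f, SCHEMA) else 'rejected'}")
```

The first filter is accepted; the report's `Id eq 9000 or 1 eq 1` is rejected because its second comparison has no property operand, and `1=1` is rejected earlier still as a syntax error. Returning the AST rather than a boolean is deliberate: a service that maps the parsed comparisons onto parameterised queries has no string for an injected fragment to land in, whatever the validator missed.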