|
|
|
|
|
|
by atticusCr
3097 days ago
|
|
|
Kind of, if you have a centralized place to perform input data validation, as it should, then it is just a matter to test that piece of code same if you are using a framework. However, I don't understand why you refer to a db in the first place? Is it because I used the injection attack as an example? if that's the case bare in mind that Injection target other interprets as well not only a db. But getting back to my original idea, what I want to highlight the need of adding cases to cover application security. |
|
|