
What to do with a Java String to avoid SQL injection?

Posted by: admin October 29, 2018

Questions:

I am using Spring Boot 1.5.9 to receive a form from the front-end in Angular 4.

The form is then converted to a SOAP ENVELOPE to be sent to an old Web-Service made with PHP.

I can’t access the source code of that Web-service to check if it takes security actions to avoid SQL Injection from my XML code.

So I need to take that upon myself.

The question is, what measures should I take to prevent users from trying to harm the server?

What should I do with the String of each field so that it is clean of any malicious code?

Should I take those measures in the front-end as well?

Answers: