I am using Spring Boot 1.5.9 to receive a form from the front-end in Angular 4.
The form is then converted to a SOAP ENVELOPE to be sent to an old Web-Service made with PHP.
I can’t have access to the source code of that Web-service to check if it takes security actions to avoid SQL Injection from my XML code.
So I need to take that upon myself.
The question is, what measures should I take to prevent users from trying to harm the server?
What should I do with the String of each field so they become clean of any malicious code?
Should I take those measures in the front-end as well?