Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add validation to SQL inputs for webhook and retry service. #199

Open
pdewilde opened this issue Nov 28, 2023 · 0 comments
Open

Add validation to SQL inputs for webhook and retry service. #199

pdewilde opened this issue Nov 28, 2023 · 0 comments
Labels
good first issue Good for newcomers

Comments

@pdewilde
Copy link
Contributor

pdewilde commented Nov 28, 2023

pkg/retry and pkg/webhook doesn't yet use the improved validation added in #198

This is not a huge concern as the threat model for this particular injection risk is a privileged insider who likely already has sufficient access to the database anyways. Mainly this is to ensure that we have secure patterns so if they are copied or used elsewhere we don't accidentally introduce injection bugs.

@pdewilde pdewilde changed the title Add validation to SQL inputs for retry service. Add validation to SQL inputs for webhook and retry service. Nov 28, 2023
@pdewilde pdewilde added the good first issue Good for newcomers label Nov 28, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
good first issue Good for newcomers
Development

No branches or pull requests

1 participant