Currently, we are creating the SQL query with string concatenation, which is error-prone and open to SQL injection. We have two very basic unit tests (`func TestSecuritySQLInjection(t *testing.T) {`) to cover this part. But we need to rethink the SQL building design.
Referenced test: sqlite-rest/integration_security_test.go, line 35 in 23ae76b
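As an added illustration of the concern raised above (not code from sqlite-rest or from the issue author), the following contrasts a concatenated query with a builder that allow-lists identifiers and emits `?` placeholders, returning values as bind arguments. `Filter`, `concatSelect`, `quoteIdent`, `buildSelect`, the identifier pattern and the `users` table are all assumptions made for the example.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// identRe is a conservative allow-list for table and column names (assumption).
var identRe = regexp.MustCompile(`^[A-Za-z_][A-Za-z0-9_]*$`)
type Filter struct{ Column, Value string } // hypothetical "column = value" request filter

// concatSelect is the risky pattern: request data is spliced into the SQL text.
func concatSelect(table string, f Filter) string {
	return "SELECT * FROM " + table + " WHERE " + f.Column + " = '" + f.Value + "'"
}

// quoteIdent validates a name, then double-quotes it as an SQLite identifier.
func quoteIdent(name string) (string, error) {
	if !identRe.MatchString(name) {
		return "", fmt.Errorf("invalid identifier %q", name)
	}
	return `"` + name + `"`, nil
}

// buildSelect emits validated identifiers and "?" placeholders; values go out as bind args.
func buildSelect(table string, filters []Filter) (string, []any, error) {
	q, err := quoteIdent(table)
	if err != nil {
		return "", nil, err
	}
	q, conds, args := "SELECT * FROM "+q, []string{}, []any{}
	for _, f := range filters {
		c, err := quoteIdent(f.Column)
		if err != nil {
			return "", nil, err
		}
		conds, args = append(conds, c+" = ?"), append(args, f.Value)
	}
	if len(conds) > 0 {
		q += " WHERE " + strings.Join(conds, " AND ")
	}
	return q, args, nil
}

func main() {
	fmt.Println(concatSelect("users", Filter{"name", "x' OR '1'='1"})) // constructed hostile value
	fmt.Println(buildSelect("users", []Filter{{"name", "x' OR '1'='1"}}))
}
```

The query text and argument slice returned by `buildSelect` are meant to be passed together to `database/sql` calls such as `db.Query(q, args...)`, so the driver binds the values instead of the SQL parser reading them.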