Difference between revisions of "Parameterized Command Interface"

From OWASP
(Reverting to last version not containing links to www.texteltdelrel.com)
 
(2 intermediate revisions by 2 users not shown)
Line 6: Line 6:
 
* PreparedStatement in Java
 
* PreparedStatement in Java
  
[[Category:Countermeasure]]
 
 
[[Category: Control]]
 
[[Category: Control]]

Latest revision as of 13:27, 27 May 2009

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.


A parameterized command interface is used as an alternative to a string-based command interface. This type of interface prevents injection attacks by keeping parameters separate from the command itself, so a parameter value is handled only as data and is never parsed as part of the command.

Examples of parameterized command interfaces include:

  • PreparedStatement in Java
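The difference between the two kinds of interface, as an added example that is not part of the original OWASP page: it uses Python's built-in `sqlite3` module, whose `?` placeholders play the same role as a Java `PreparedStatement`. The `accounts` table, its rows and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (owner TEXT, balance INTEGER)")
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("alice", 100), ("bob", 250), ("o'brien", 75)])
    return db

def lookup_string_based(db, owner):
    """String-based interface: the parameter is spliced into the command text,
    so the SQL parser decides which part is command and which part is data."""
    query = "SELECT owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return db.execute(query).fetchall()

def lookup_parameterized(db, owner):
    """Parameterized interface: the command text is fixed and the value is
    bound separately, so it is only ever compared as data."""
    query = "SELECT owner, balance FROM accounts WHERE owner = ?"
    return db.execute(query, (owner,)).fetchall()

def compare(db, owner):
    """Run both interfaces on the same input; return rows or the parse error."""
    try:
        string_result = lookup_string_based(db, owner)
    except sqlite3.Error as exc:
        string_result = "error: " + str(exc)
    return string_result, lookup_parameterized(db, owner)

if __name__ == "__main__":
    db = make_db()
    # A plain name, a legitimate name containing a quote, and a value that
    # contains SQL syntax (all constructed).
    for value in ("alice", "o'brien", "nobody' OR '1'='1"):
        print(repr(value), "->", compare(db, value))
```

With the string-based lookup, a legitimate name containing a quote breaks the statement and a value containing SQL syntax changes which rows are returned; the parameterized lookup returns exactly the rows whose owner equals the supplied value in all three cases.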