- From: Davide Palmisano <dpalmisano@gmail.com>
- Date: Mon, 29 Mar 2010 17:08:48 +0200
- To: Linked Data community <public-lod@w3.org>
Apologies, forgot to cc public-lod.

---------- Forwarded message ----------
From: Davide Palmisano <dpalmisano@gmail.com>
Date: Mon, Mar 29, 2010 at 4:51 PM
Subject: Re: Preventing SPARQL injection
To: Angelo Veltens <angelo.veltens@online.de>

Hi Angelo,

I'm not sure I understood your problem well. Anyway, it may be worth taking a look at this:

http://clarkparsia.com/weblog/2010/02/03/empire-0-6/

cheers,

Davide

On Sat, Mar 27, 2010 at 1:10 PM, Angelo Veltens <angelo.veltens@online.de> wrote:
> Hi all,
>
> my name is Angelo Veltens, I'm studying computer science in Germany. I
> am using the Jena framework with SDB for a student research project.
>
> I'm just wondering how to prevent SPARQL injections. It seems to me
> that I have to build my queries from plain strings and do the sanitizing
> on my own. Isn't there something like prepared statements as in
> SQL/JDBC? This would be less risky.
>
> Kind regards,
> Angelo Veltens
>

--
Davide Palmisano
Technologist at Fondazione Bruno Kessler
http://davidepalmisano.wordpress.com
http://twitter.com/dpalmisano

--
Davide Palmisano
http://davidepalmisano.wordpress.com
http://twitter.com/dpalmisano
Received on Monday, 29 March 2010 15:09:42 UTC
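
The prepared-statement idea asked about in the thread, as an added example that is not part of either message: a string-concatenated query next to one built with `ParameterizedSparqlString`, run against a small in-memory model. It assumes a current Apache Jena release (`org.apache.jena` packages) on the classpath; the class name, the example.org data and both input values are constructed for illustration.

```java
import org.apache.jena.query.*;
import org.apache.jena.rdf.model.Model;
import org.apache.jena.rdf.model.ModelFactory;
import org.apache.jena.vocabulary.RDFS;

public class SparqlParamDemo {
    static final String PREFIX = "PREFIX rdfs: <" + RDFS.getURI() + "> ";

    // Vulnerable: the value is pasted into the query text, so a quote in it
    // ends the string literal and the rest is parsed as SPARQL syntax.
    static Query concatenated(String label) {
        return QueryFactory.create(PREFIX
            + "SELECT ?s WHERE { ?s rdfs:label ?l FILTER(?l = \"" + label + "\") }");
    }

    // Hardened: the template is fixed and the value is bound to ?label as an
    // RDF literal; Jena escapes it when the query text is produced.
    static Query parameterized(String label) {
        ParameterizedSparqlString pss = new ParameterizedSparqlString(PREFIX
            + "SELECT ?s WHERE { ?s rdfs:label ?l FILTER(?l = ?label) }");
        pss.setLiteral("label", label);
        return pss.asQuery();
    }

    // Run a SELECT query against the model and count the result rows.
    static int count(Model m, Query q) {
        try (QueryExecution qe = QueryExecutionFactory.create(q, m)) {
            ResultSet rs = qe.execSelect();
            int n = 0;
            while (rs.hasNext()) { rs.next(); n++; }
            return n;
        }
    }

    public static void main(String[] args) {
        // Constructed sample data: two labelled resources.
        Model m = ModelFactory.createDefaultModel();
        m.createResource("http://example.org/alice").addProperty(RDFS.label, "Alice");
        m.createResource("http://example.org/bob").addProperty(RDFS.label, "Bob");

        String benign = "Alice";
        String hostile = "x\" || \"1\" = \"1"; // constructed input containing quotes

        System.out.println("parameterized, benign:  " + count(m, parameterized(benign)));
        System.out.println("concatenated,  hostile: " + count(m, concatenated(hostile)));
        System.out.println("parameterized, hostile: " + count(m, parameterized(hostile)));
        System.out.println(parameterized(hostile)); // shows the escaped literal
    }
}
```

With the concatenated query the quoted input turns the filter into a condition that is true for every row; with the parameterized query the same input is compared as a single string value.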