Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:
As a developer it is advisable to check and restrict the users from entering special characters like <,>,*,%,' etc to avoid sql injections.
But in the modules of Odoo i do not find any kind of restriction for those. So is it really not necessary to write any code for that and assume that Odoo handles the sql injection characters by itself !
Can anyone suggest anything regarding this as i am a beginner.
Odoo is designed in a way that prevents introducing most common security vulnerabilities:
SQL injections are prevented by the use of a higher-level API that does not require manual SQL queries
XSS attacks are prevented by the use of a high-level templating system that automatically escapes injected data
The framework prevents RPC access to private methods, making it harder to introduce exploitable vulnerabilities
Reffernce link : https://www.odoo.com/security
Cree una cuenta para poder utilizar funciones exclusivas e interactuar con la comunidad.
Registrarse| Publicaciones relacionadas | Respuestas | Vistas | Actividad | |
|---|---|---|---|---|
|
2
mar 15
|
8235 | ||
|
Validations in odoo studio
Resuelto
|
|
1
ene 22
|
2644 | |
|
1
dic 19
|
3603 | ||
|
2
jun 18
|
11328 | ||
|
1
may 17
|
10974 |
1. Use the live chat to ask your questions.
2. The operator answers within a few minutes.
