Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:
As a developer it is advisable to check and restrict the users from entering special characters like <,>,*,%,' etc to avoid sql injections.
But in the modules of Odoo i do not find any kind of restriction for those. So is it really not necessary to write any code for that and assume that Odoo handles the sql injection characters by itself !
Can anyone suggest anything regarding this as i am a beginner.
Odoo is designed in a way that prevents introducing most common security vulnerabilities:
SQL injections are prevented by the use of a higher-level API that does not require manual SQL queries
XSS attacks are prevented by the use of a high-level templating system that automatically escapes injected data
The framework prevents RPC access to private methods, making it harder to introduce exploitable vulnerabilities
Reffernce link : https://www.odoo.com/security
Buat akun sekarang untuk menikmati fitur eksklufi dan agar terlibat dengan komunitas kami!
Daftar| Post Terkait | Replies | Tampilan | Aktivitas | |
|---|---|---|---|---|
|
2
Mar 15
|
8243 | ||
|
Validations in odoo studio
Diselesaikan
|
|
1
Jan 22
|
2647 | |
|
How to implement async validations on form fields?
Diselesaikan
|
|
1
Des 19
|
3605 | |
|
2
Jun 18
|
11332 | ||
|
1
Mei 17
|
10996 |
1. Use the live chat to ask your questions.
2. The operator answers within a few minutes.
