Google datastore security with objectify
Question
I am experimenting with objectify and GAE (Java, standard environment) to store some data in Google's datastore. When not using objectify prepared queries are mentioned in the docs in order to save and retrieve data from the datastore. See: GAE docs
Are there any vulnerabilities similar to SQL injection when using Objectify like this:
List<Car> cars = ofy().load().type(Car.class).filter("year >", 1999).list();
Or like this:
ofy().save().entity(thing1).now();
Thing th = ofy().load().key(thingKey).now();
Thanks in advance
1 answers
solution1
2 ACCPTED 2017-04-03 06:15:48
不,因为没有查询语言,所以没有等效的SQL注入。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Datastore & Memcache consistency - Google App Engine & Objectify
Find nearest location with Google Datastore and objectify
Google App Engine - Connect to remote datastore locally using Objectify
Objectify Unit Tests are persisting data to Google Cloud Datastore
Google datastore with objectify getting MyClass is not a supported property type. exception
Objectify filtering substrings in Datastore
How do I correctly save a google user in google datastore using objectify?
Writing property to memcache, but not to datastore in Objectify?
How to update a datastore entity with Objectify?
Defining inner classes in AppEngine Datastore (Objectify)
Related Tags