- Fix a broken link in trigger doc
- Check string in-params to prevent SQL injections
Change-Id: Ic99af23dafb59a65f27feb9bdd1303dae5d347e6
Signed-off-by: Mu-Woong <muwoong.lee@samsung.com>
* To ensure your application is only running on the device with specific features,
* please define the features in your manifest file using the manifest editor in the SDK.
* More details on featuring your application can be found from
- * <a href="../org.tizen.mobile.native.appprogramming/html/ide_sdk_tools/feature_element.htm"><b>Feature Element</b>.</a>
+ * <a href="https://developer.tizen.org/development/tools/native-tools/manifest-text-editor#feature"><b>Feature Element</b>.</a>
*/
switch (filter_type) {
case CONTEXT_HISTORY_FILTER_APP_ID:
case CONTEXT_HISTORY_FILTER_WIFI_BSSID:
- return true;
+ return (g_strstr_len(val, -1, ";") == NULL);
default:
return false;
{
init();
+ // Err: ';' for SQL injection
+ IF_FAIL_RETURN(value.find(';') == std::string::npos, false);
+
// Err: Item with no option
if (template_map[name].array_get_size(NULL, KEY_OPTION) <= 0) {
return false;
{
init();
+ // Err: ';' for SQL injection
+ IF_FAIL_RETURN(value.find(';') == std::string::npos, false);
+
// Err: Invalid attribute key or Invalid value type
bool ret = false;
ctx::json attr_tempt;