Categorygithub.com/project-flogo/microgatewayactivitysqldexamplesapi
package
0.1.0
Repository: https://github.com/project-flogo/microgateway.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
2
Dependents
0
Files
11 SLOC

# README

Gateway with SQL injection attack defense

This recipe is a gateway with SQL injection attack defense.

Installation

  • Install Go

Setup

git clone https://github.com/project-flogo/microgateway
cd microgateway/activity/sqld/examples/api

Testing

Start the gateway:

go run main.go

and test below scenarios.

Payload without SQL injection attack

Run the following command:

curl -H "Content-Type:application/json" http://localhost:9096/pets --upload-file payload.json

You should see the following response:

{
 "category": {
  "id": 0,
  "name": "string"
 },
 "id": 1,
 "name": "cat",
 "photoUrls": [
  "string"
 ],
 "status": "available",
 "tags": [
  {
   "id": 0,
   "name": "string"
  }
 ]
}

Payload with SQL injection attack

curl -H "Content-Type:application/json" http://localhost:9096/pets --upload-file attack-payload.json

You should see the following response:

{
 "attackValues": {
  "content": {
   "category": {
    "name": 0
   },
   "name": 99.97982025146484,
   "photoUrls": [
    0
   ],
   "status": 0,
   "tags": [
    {
     "name": 0
    }
   ]
  }
 },
 "error": "hack attack!"
}