Forum Discussion
gersbah
Cirrostratus
Why: https://www.owasp.org/index.php/Embedding_Null_Code
How: Unless this is a very common occurence in your application in many different places, I would limit the exception to where it's actually needed. So that would be option 1 from the KB you linked. Create the parameter "checksum" and set it to type "File Upload".
Subrun
Nov 08, 2019Cirrostratus
Appreciate your help..
I am just trying to understand how we will prevent null in request Blocking while setting parameter "checksum" and set it to type "File Upload". I mean i am looking for a more technical explanation for this.
Also another concern is by doing this ( with option 1 ) is that a risk I am accepting for SQL Injection type of attack ?