Parameterized Command Interface

From OWASP

Jump to: navigation, search

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.

A parameterized command interface is used as an alternative to a string-based command interface. This type of interface prevents Injection attacks by keeping parameters separate from the command itself.

Examples of parameterized command interfaces include:

PreparedStatement in Java

Retrieved from "https://www.owasp.org/index.php?title=Parameterized_Command_Interface&oldid=62467"