Add a note about the danger of tautologies

OWASP / wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Creative Commons Attribution Share Alike 4.0 International

7.1k stars 1.31k forks source link

Closed kingthorin closed 1 year ago

kingthorin commented 1 year ago

What's the issue? SQLi tautologies can lead to undesired outcomes when testing, testers should be very careful how/where they're used.

How do we solve it? Add a note/warning to SQLi section(s) about the danger of or 1=1 type tautologies.

Background

snowkluster commented 1 year ago

I have fixed this issue and would like someone to check my PR