TsgcWebSocketFirewall › Properties › SQLInjection
Scans inbound messages for SQL injection patterns and denies, allows or logs them according to Action.
property SQLInjection: TsgcFirewallSQLInjection read FSQLInjection write SetSQLInjection;
Set SQLInjection.Enabled to True to run the built-in, case-insensitive pattern scanner on every inbound message. It recognises boolean injection (' OR , ' AND ), UNION SELECT, statement injection ('; DROP, '; DELETE, '; INSERT, '; UPDATE), SQL comments (--), EXEC(/EXECUTE(, xp_cmdshell, CAST(/CONVERT( and tautologies (1=1). Extra expressions can be supplied through CustomPatterns. Action controls the response to a match: faDeny rejects the message, faAllow forwards it, and faLog only fires OnViolation with type fvSQLInjection. Matches also feed ThreatScore through WeightSQLInjection. Defaults: Action=faDeny.
// Turn on the built-in SQL injection scanner for all inbound messages
sgcWebSocketFirewall1.SQLInjection.Enabled := True;
// Reject matching messages (faLog would only raise OnViolation instead)
sgcWebSocketFirewall1.SQLInjection.Action := faDeny;
// Add an extra case-insensitive pattern on top of the built-in set
sgcWebSocketFirewall1.SQLInjection.CustomPatterns.Add('sleep(');
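To see how the documented pattern set behaves on traffic, here is a stand-alone Python model of the scanner (added here; it is not the component's code). It assumes plain case-insensitive substring matching, a WeightSQLInjection value of 1, and constructed sample messages, one of which is a benign chat line that trips the "--" pattern, which is why faLog is worth running before faDeny on an existing deployment.

```python
# Built-in patterns listed on the documentation page; matching is assumed to be
# plain case-insensitive substring search, which is all the page describes.
BUILTIN_PATTERNS = (
    "' OR ", "' AND ", "UNION SELECT",
    "'; DROP", "'; DELETE", "'; INSERT", "'; UPDATE",
    "--", "EXEC(", "EXECUTE(", "xp_cmdshell", "CAST(", "CONVERT(", "1=1",
)

# Mirrors the component's Action values.
FA_DENY, FA_ALLOW, FA_LOG = "faDeny", "faAllow", "faLog"


def scan_message(message, custom_patterns=()):
    """Return every built-in or custom pattern found in message, case-insensitively."""
    lowered = message.lower()
    patterns = tuple(BUILTIN_PATTERNS) + tuple(custom_patterns)
    return [p for p in patterns if p.lower() in lowered]


def evaluate(message, action=FA_DENY, custom_patterns=(), weight=1):
    """Model how one inbound message is handled for a given Action.

    Returns (forwarded, violation_type, threat_score_delta). `weight` stands in
    for WeightSQLInjection; the page gives no default, so 1 is assumed.
    """
    matches = scan_message(message, custom_patterns)
    if not matches:
        return True, None, 0
    forwarded = action != FA_DENY  # faDeny rejects; faAllow and faLog forward
    return forwarded, "fvSQLInjection", weight


# Constructed sample messages (not taken from the page).
SAMPLES = {
    "benign":      '{"op":"search","q":"laptop"}',
    "tautology":   "id=1' OR 1=1",            # hits "' OR " and "1=1"
    "comment_fp":  "see you tomorrow -- bob",  # benign chat text hitting "--"
    "custom_only": "SELECT sleep(5)",          # flagged only via CustomPatterns
}


def summarise(action=FA_DENY, custom_patterns=("sleep(",)):
    """Run every sample through the model; returns {name: (forwarded, type, score)}."""
    return {name: evaluate(msg, action, custom_patterns) for name, msg in SAMPLES.items()}


if __name__ == "__main__":
    for name, result in summarise().items():
        print(f"{name:12} -> {result}")
```

Running the script shows the false positive on "comment_fp" alongside the genuine match on "tautology", so custom patterns such as "sleep(" should be checked against normal message content before switching Action to faDeny.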