Enforcing Data Validation
Data can come into OneData through any point of entry, including the interface, import functions, HTTP channels, and REST-based service calls. In order to prevent cross-site scripting, SQL injection, or other data security threats, OneData uses Python scripts to perform validation checks on the input data.
For information on Python scripts, see the official Python documentation. To learn more about detecting attacks from cross-site scripting and SQL injection, visit the Symantec site and see http://www.securityfocus.com/infocus/1768.
OneData provides two Python scripts for data validation:
A single global script file, validate_input.py. This file is available by default on any OneData installation.
Repository data script files, Repository Name_validate_input.py. On the first startup after a new installation, OneData creates one Python script file for each repository.
Depending on how you choose to implement data validation for your organization, OneData provides you the flexibility of using data validation scripts at either the global or repository levels. During data validation, OneData first checks the repository data validation scripts. If the repository data validation scripts are unavailable, OneData checks the global data validation script. If both the global and repository data validation scripts are present, the repository data validation scripts take precedence. Software AG recommends that you delete the unused data validation script files or set them to NULL.
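The lookup order described above can be checked with a short audit script that reports which validation script takes effect for each repository and which script files are unused. This is an added example, not part of OneData or the Software AG documentation. It assumes that all validation scripts sit in one directory and that a script is available when its file exists; the names effective_script, audit and demo are hypothetical.

```python
from pathlib import Path
import tempfile

GLOBAL_SCRIPT = "validate_input.py"   # global script name given on this page
REPO_SUFFIX = "_validate_input.py"    # repository script suffix given on this page


def effective_script(script_dir, repository):
    """Return the name of the script that applies to `repository`, or None."""
    script_dir = Path(script_dir)
    repo_script = script_dir / (repository + REPO_SUFFIX)
    if repo_script.is_file():                    # repository script takes precedence
        return repo_script.name
    if (script_dir / GLOBAL_SCRIPT).is_file():   # otherwise fall back to the global script
        return GLOBAL_SCRIPT
    return None                                  # no validation script would run


def audit(script_dir, repositories):
    """Return (effective script per repository, unused script files, unvalidated repositories)."""
    script_dir = Path(script_dir)
    effective = {r: effective_script(script_dir, r) for r in repositories}
    present = {p.name for p in script_dir.glob("*validate_input.py")}
    # A script is unused when no repository resolves to it. This includes the
    # global script when every repository has a script of its own.
    unused = sorted(present - {s for s in effective.values() if s})
    unvalidated = sorted(r for r, s in effective.items() if s is None)
    return effective, unused, unvalidated


def demo():
    """Run the audit over a constructed directory layout (sample data, not a real installation)."""
    with tempfile.TemporaryDirectory() as d:
        for name in (GLOBAL_SCRIPT, "Customers" + REPO_SUFFIX, "Legacy" + REPO_SUFFIX):
            (Path(d) / name).write_text("# constructed placeholder\n")
        return audit(d, ["Customers", "Products"])


if __name__ == "__main__":
    effective, unused, unvalidated = demo()
    print("effective:", effective)
    print("unused:", unused)
    print("unvalidated:", unvalidated)
```

The unused list is the set of files that the recommendation above says to delete or set to NULL; a non-empty unvalidated list means input for those repositories would reach OneData with no validation script applied.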
You can also customize the data validation method in the default Python scripts as required. During upgrade, OneData migrates the Python scripts from the database to a file system for future use.
For information on how to enforce validation of input data, see Enforcing Validation of Input Data.