I want to use PostgREST. It looks save my time a lot. I am worried about the security issues. If anybody has ideas for this, it will be so helpful for me.
Asked
Active
Viewed 565 times
1 Answers
1
You don't need to protect PostgREST from sql injection since it sanitises all user input. We also ran an automated sql injection detection tool against postgrest and it did not detect anything.
If you still feel uneasy, you can use a WAF solution like https://github.com/p0pr0ck5/lua-resty-waf
Ruslan Talpa
- 533
- 3
- 8