This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Parameterized Command Interface

From OWASP
Revision as of 00:04, 28 May 2006 by Jeff Williams (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search 
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.


A parameterized command interface is used as an alternative to a string-based command interface. This type of interface prevents Injection attacks by keeping parameters separate from the command itself.

Examples of parameterized command interfaces include:

  • PreparedStatement in Java
Retrieved from "https://wiki.owasp.org/index.php?title=Parameterized_Command_Interface&oldid=4109"