So, is security in Wappler already mostly done for us?
I came across this quote from @George:
Cross Site Scripting
You are in full control of your files and uploads. No scripts are included on the fly, so there is no chance of XSS
Server Connect and Database Connector/Updater use strict parameters for all their input values, so No SQL Injection is possible. You can also add additional validation rules to all the input parameters to make sure they are what you expect - next to be even more secure it allows you to detect errors more easily.
How secure is Wappler?
And from @Teodor:
The login / secured areas code and protection is secure and you shouldn’t be worried about cross scripting, sql injection and other attack’s
So, is that still accurate?
And, does it mean that when I have any kind of text input at all, I don’t have to do any protection on my own against malicious SQLi or XSS?
If so - VERY COOL. I didn’t realize that. I don’t know how I missed it!
What type of security do we need to make sure that we do that Wappler doesn’t handle?