TL;DR —
Hackers can maliciously pass SQL commands through a Web app for execution by a backend database. Many data breaches are due to SQL injection. Hackers use a simple string called a Magical String, for example: username: admin; password: anything 'or'1'='1. The comparison password=anything results in FALSE, but '1'='1' is a TRUE statement, and hence the whole condition returns a true value. When the input is filtered so that (1) every single quote (') in the input string is replaced with double quotes ("), and (2) a (/) is added before every ('), the revised magical string fails to bypass the authentication, and your database stays secure.
Written by
@mozilla
Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape.
