What is digiRunner's SQL Injection mechanism?

[fancloud2003-coder]

Hi Everyone,
I'm looking into the security features of digiRunner and want to understand how it prevents SQL Injection attacks. What mechanisms are in place, and what does the gateway do to check for these?
Any details on the underlying logic would be very helpful.
Thanks!

[TPIsoftwareOSPO]

Hi, thanks for asking this — SQL Injection is a very valid concern! 👋

At the moment, digiRunner’s gateway has basic SQL injection checks.

• The logic mainly blocks requests containing certain risky characters, like single quotes (') or semicolons (;).

It’s a lightweight safeguard meant to stop the most obvious attempts.