Topic by William Sando
Hi there,
I am calling: this REST endpoint. We are sending in the following query (URL-encoded):
SELECT *
FROM Contacts
WHERE Contacts.Emails.Address = '`+email+`' LIMIT 1
Where email is entered by the client and is thus potentially dangerous. I've tried escaping any single quotes present in email with another single quote (as recommended elsewhere on the forums); however, I get a 400 Bad Request, so am I correct in assuming that I can defer the escaping and assume the REST endpoint will handle that?
Thanks
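
One way to build the query from the post defensively, as an added example that is not part of the original post or of the product's own code. It assumes the endpoint treats `''` inside a string literal as one quote (the approach the post says is recommended on the forums) and that the query is sent as a URL parameter; the function names and the e-mail pattern are illustrative.

```javascript
// Added example. Assumptions: '' is the in-literal escape for a single quote,
// and the query is passed as a URL parameter. All names here are hypothetical.

// Conservative allow-list, narrower than RFC 5322. Note that ' and = are legal
// in the local part, so validation alone does not make the value safe.
const EMAIL_RE =
  /^[A-Za-z0-9.!#$%&'*+\/=?^_`{|}~-]{1,64}@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$/;

// Double every single quote so the value cannot terminate the string literal.
function escapeLiteral(value) {
  return value.replace(/'/g, "''");
}

// encodeURIComponent leaves ! ' ( ) * unencoded; percent-encode them as well
// so no quote character travels raw in the URL.
function strictEncode(s) {
  return encodeURIComponent(s).replace(/[!'()*]/g,
    (c) => "%" + c.charCodeAt(0).toString(16).toUpperCase());
}

// Validate first, escape second, URL-encode last (order matters).
function buildContactQuery(email) {
  if (typeof email !== "string" || email.length > 254 || !EMAIL_RE.test(email)) {
    throw new RangeError("rejected e-mail value");
  }
  const query =
    "SELECT * FROM Contacts WHERE Contacts.Emails.Address = '" +
    escapeLiteral(email) + "' LIMIT 1";
  return { query, encoded: strictEncode(query) };
}

// Constructed sample inputs, not taken from the post.
for (const sample of ["o'brien@example.com", "a'or'1'='1@example.com", "x' OR '1'='1"]) {
  try {
    console.log(buildContactQuery(sample).query);
  } catch (err) {
    console.log("rejected:", JSON.stringify(sample));
  }
}
```

The second sample passes the e-mail pattern yet stays inside the literal only because its quotes are doubled, which is why both steps are kept.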