OS 9.1 security warnings during deployment

OS 9.1 security warnings during deployment

  

After upgrading my platform from 9.0 to 9.1, I occasionally see warnings such as "Please ensure your argument is correctly encoded to avoid SQL injection security flaws." in the deploy log.

Shouldn't these warnings be displayed in the TrueChange tab, in development time? If not, shouldn't these at least hint to where these issues are?

Hey João,

Where did you find the warnings? 

Those warnings should be displayed in the TrueChange tab also. However, in 9.1, that functionality is off by default that's why you are not able to see them there.

If you are seeing them only in compilation time and the functionality is off, then that's probably a bug that we need to address.

Regards

I'm only seeing them in the logs while publishing solutions. In Service Studio they aren't displayed.

If the default for this functionality is being off, then it is off, since I don't even know where I can enable it   

Hi Pedro, you found a bug, thanks for reporting it. 

Can you confirm the version of the server you are using, and the version of Service Studio you have installed on the same server?

Thanks

João Pedro Abreu wrote:

I'm only seeing them in the logs while publishing solutions. In Service Studio they aren't displayed.

If the default for this functionality is being off, then it is off, since I don't even know where I can enable it   



The platform server version is  9.1.501.0.

I don't have remote access to the server, so i'll have to get back to you with the Service Studio version.


Edit: Service Studio version is also 9.1.501.0. Just saw it after a module was upgraded due to a solution being published.