How can remove SQL Injection warning

Hello everyone,

I am using Advance Query with Expand Inline Property : Yes But its showing warning 

Warning : Avoid enabling the Expand Inline Property of SQL Query Parameter since it could make your application vulnerable to SQL Injection.

How can we remove this warning .




Hi Rahul,

In your case you can add  VerifySqlLiteral() or the EncodeSql() functions  from the Sanitization Extension, to ensure it only contains valid SQL literals .

you can also refer this doc:

Injection and Cross Site Script (XSS) - OutSystems

Hope this helps.




HI Rahul Jain

If you must set Expand Inline Property to Yes for good reason(e.g.: Using in clause) you can hide these warnings.

Best Regards

hi Rahul,

You will need to wrap your input parameter/s of your Advanced query using EncodeSql() for which Expand Inline Property : Yes. With that the warning should go.

Like for ex EncodeSql(xyz)

Hope that helps.


Shilpa Uppund

Hi Rahul,

In your case you can use VerifySqlLiteral() function to avoid warning.

For more detail please refer below documentation:


Shashikant Shukla

Hi Rahul,

Please refer below link, This helped me to solve the same issue.

Hope this helps you !


Lakshmi Kumar

Hi Rahul,

This component there is a demonstration of the use of the EncodeSql().

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.