What is meaning of Draw=3
What is meaning of Draw=3
sarooptrivedi
Posts: 59Questions: 18Answers: 2
https://datatables.net/forums/discussion/32573/usage-of-draw-in-datatables
I seen your above link but in my cyber scan Datatables.net return the draw=3.
what is meaning of it?
This question has an accepted answers - jump to answer
Answers
The
draw
parameter (used for server-side processing) is described here:Sent to the server:
Return:
Allan
Hey Allan,
My cyber scan returns this value
{"draw":3,"recordsFiltered":0,"recordsTotal":764,"data":[]}
I am still confused, draw is already casted with int. and it is part of sql injection erro through burpsuit
This is the error by burpsuit.
The columns%5B3%5D%5Bsearch%5D%5Bregex%5D parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the columns%5B3%5D%5Bsearch%5D%5Bregex%5D parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
You'll need to tell me what your "cyber scan" is. A security scanner of some kind I guess - it sounds like it might be returning a false positive? You might need to get in touch with the provider to find out what is going on. If your
draw
parameter is an int, then there can be no injection attack against that parameter.Allan