Robert Haas <robertmhaas@gmail.com> writes:
> On Wed, Jul 26, 2017 at 5:38 AM, Ashutosh Bapat
> <ashutosh.bapat@enterprisedb.com> wrote:
>> According to F.34.1.1 at [1] passing connection string as dbname
>> option should work, so your question is valid. I am not aware of any
>> discussion around this on hackers.
> I kind of wonder if this had some security aspect to it? But not sure.
The main problem to my mind is that a connection string could possibly
override items meant to be specified elsewhere. In particular it ought
not be allowed to specify the remote username or password, because those
are supposed to come from the user mapping object not the server object.
I suspect you could break things by trying to specify client_encoding
there, as well.
In any case, I entirely reject the argument that the existing
documentation says this should work. It says that you can specify (most
of) the same fields that are allowed in a connection string, not that one
of those fields might be taken to *be* a connection string.
regards, tom lane