Re: [HACKERS] Disallowing multiple queries per PQexec()

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: [HACKERS] Disallowing multiple queries per PQexec()
Дата
Msg-id 2111.1488290669@sss.pgh.pa.us
обсуждение исходный текст
Ответ на [HACKERS] Disallowing multiple queries per PQexec()  (Surafel Temesgen <surafel3000@gmail.com>)
Ответы Re: [HACKERS] Disallowing multiple queries per PQexec()  (Bruce Momjian <bruce@momjian.us>)
Re: [HACKERS] Disallowing multiple queries per PQexec()  (Robert Haas <robertmhaas@gmail.com>)
Список pgsql-hackers
Дерево обсуждения 
Surafel Temesgen <surafel3000@gmail.com> writes:
> This assignment is on todo list and has a benefit of providing an
> additional defense against SQL-injection attacks.

This is on the todo list?  Really?  It seems unlikely to be worth the
backwards-compatibility breakage.  I certainly doubt that we could
get away with unconditionally rejecting such cases with no "off" switch,
as you have here.

> Previous mailing list discussion is here
> <https://www.postgresql.org/message-id/9236.1167968298@sss.pgh.pa.us>

That message points out specifically that we *didn't* plan to do this.
Perhaps back then (ten years ago) we could have gotten away with the
compatibility breakage, but now I doubt it.
        regards, tom lane

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Amit Kapila
Дата:
Сообщение: Re: [HACKERS] Write Ahead Logging for Hash Indexes
Следующее
От: Peter Moser
Дата:
Сообщение: Re: [HACKERS] [PROPOSAL] Temporal query processing with range types