From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Oliver Jowett <oliver(at)opencloud(dot)com> |
Cc: | Michael Privat <michael(at)ceci(dot)mit(dot)edu>, pg(at)fastcrypt(dot)com, "pgsql-jdbc(at)postgresql(dot)org" <pgsql-jdbc(at)postgresql(dot)org> |
Subject: | Re: bytea size limit? |
Date: | 2004-04-12 04:23:34 |
Message-ID: | 29526.1081743814@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-jdbc |
Oliver Jowett <oliver(at)opencloud(dot)com> writes:
> ... using the V3 extended query protocol (this requires a number of
> other driver changes, as at a minimum the driver will need to split up
> queries that contain multiple statements)
This is a bit off the thread topic, but: does the JDBC spec actually
allow/expect multiple SQL commands in a query? Some people thought that
the V3 restriction to one command per query string was a Good Thing
because it helps guard against SQL-injection attacks when an application
is careless about inserting untrustworthy text into a command string.
If you don't have a spec requirement to cope with this, then I'd advise
against adding code to support it.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Oliver Jowett | 2004-04-12 05:15:35 | Re: bytea size limit? |
Previous Message | Oliver Jowett | 2004-04-12 03:14:01 | Re: bytea size limit? |