Hi folks, we have been using the a JDBC connection to Spark's Thrift Server so far and using JDBC prepared statements to escape potentially malicious user input.
I am trying to port our code directly to HiveContext now (i.e. eliminate the use of Thrift Server) and I am not quite sure how to generate a properly escaped sql statement... Wondering if someone has ideas on proper way to do this? To be concrete, I would love to issue this statement val df = myHiveCtxt.(sqlText) but I would like to defend against potential SQL injection.