[
https://issues.apache.org/jira/browse/AIRFLOW-1170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16009324#comment-16009324
]
ASF subversion and git services commented on AIRFLOW-1170:
----------------------------------------------------------
Commit 3b589a9f73bed018bf7e2c7b7265bfce5da91ca0 in incubator-airflow's branch
refs/heads/master from [~nzeilemaker]
[ https://git-wip-us.apache.org/repos/asf?p=incubator-airflow.git;h=3b589a9 ]
[AIRFLOW-1170] DbApiHook insert_rows inserts parameters separately
Instead of creating a sql statement with all
values, we send the values
separately to prevent sql injection
Closes #2270 from NielsZeilemaker/AIRFLOW-1170
> DbApiHook insert rows does not use prepared statement
> -----------------------------------------------------
>
> Key: AIRFLOW-1170
> URL: https://issues.apache.org/jira/browse/AIRFLOW-1170
> Project: Apache Airflow
> Issue Type: Bug
> Reporter: Niels Zeilemaker
> Assignee: Niels Zeilemaker
> Fix For: 1.8.2
>
>
> Let's not allow sql injections
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
