abhishekrb19 commented on PR #16174: URL: https://github.com/apache/druid/pull/16174#issuecomment-2014165962
Ah, I see. The JDBI library doesn't check for "illegal" values for the named parameters as it's contextual. I ran a test with such values and it seems the library just treats them as any other string literal. That said, the binding itself makes the query safe to execute and I think if we want to detect illegal values or perform semantic validation, it has to be done at a layer on top (I'm not sure if that check can be full-proof though). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
