#10160: F expression literals should use bind parameters ------------------------------------------+--------------------------------- Reporter: ikelly | Owner: nobody Status: new | Milestone: Component: Database layer (models, ORM) | Version: SVN Keywords: | Stage: Unreviewed Has_patch: 0 | ------------------------------------------+--------------------------------- To prevent SQL injection attacks, Python values used within F() expressions should be processed as bind parameters rather than be inserted directly into the SQL.
-- Ticket URL: <http://code.djangoproject.com/ticket/10160> Django <http://code.djangoproject.com/> The Web framework for perfectionists with deadlines. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-updates?hl=en -~----------~----~----~----~------~----~------~--~---
