d9k commented on issue #17719: URL: https://github.com/apache/superset/issues/17719#issuecomment-991742527
As a temporary poor man's solution I've added custom functions for jinja2 templates to escape [PrestoDb](https://prestodb.io/) strings. These functions use replacement of single quote with `CHR(39)` concatenation: ``` # >> escape_presto_string("Dr's") # "Dr' || CHR(39) || 's" def escape_presto_string(s = ''): return s.replace("'", "' || CHR(39) || '") # >> escape_presto_strings(["Dr's", 't']) # ["Dr' || CHR(39) || 's", 't'] def escape_presto_strings(ar = []): return list(map(escape_presto_string, ar)) # >> escape_presto_strings_in(["Dr's", 't']) # "'Dr' || CHR(39) || 's','t'" def escape_presto_strings_in(ar = []): escaped_ar = escape_presto_strings(ar) if (len(escaped_ar) == 0): return "" return "'" + "','".join(escaped_ar) + "'" JINJA_CONTEXT_ADDONS = { "escape_presto_string": escape_presto_string, "escape_presto_strings": escape_presto_strings, "escape_presto_strings_in": escape_presto_strings_in, "list": list, } ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
