nicmrayce commented on issue #13708: URL: https://github.com/apache/superset/issues/13708#issuecomment-2499052682
Hi @rusackas , just to let you know that apparently, Superset doesn't seem to escape the special characters again when filtering action is attempted. One of our column values in our dataset has a single quote `'` character and it causes error across all charts when that option is picked. An example here:  And so the only quickest way we could think of is to perform the SQL REPLACE function in order to remove any possible occurrences single quote ' character. And everything works as usual again:  However, the issue is the user may still have the tendency to type in their own value which may/may not contain special characters (we may never know as we can't predict user behavior). Therefore, may I suggest considering an option called `'Disabled typing input/user input'` into the Superset filter options? This would allow us to have proper control over the possibility of user trying to type in weird characters into the filter.  -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
