Arseny Sher <a.s...@postgrespro.ru> writes: > Attached patch allows dbname expansion and makes sure that it doesn't > contain any invalid options.
I'm pretty much against this in principle. It complicates both the code and the conceptual API, for no serious gain, even if you take it on faith that it doesn't and never will produce any security issues. > Whether you decide to commit it or not > (at the moment I don't see any security implications, at least not more than > in usual dbname expansion usage, e.g. in psql, but who knows), it seems > to me that the documentation should be updated since currently it is not > clear on the subject, as the beginning of this thread proves. I really don't see anything wrong with the FDW's documentation. To claim that it's not clear, you have to suppose that a connstring's dbname field is allowed to recursively contain a connstring. However, if you've got a concrete suggestion about improving the wording, let's see it. Now on the other hand, libpq's documentation seems a little confusing on this point independently of the FDW: so far as I can see, what "certain contexts" means is not clearly defined anywhere, and for that matter "checked for extended formats" is a masterpiece of unhelpful obfuscation. regards, tom lane -- Sent via pgsql-hackers mailing list (email@example.com) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers