On 12/6/23 20:39, Viktor Dukhovni via Postfix-devel wrote:
> On Thu, Dec 07, 2023 at 01:06:57AM +, Hamid Maadani wrote:
>
However, I am concerned about the use of `bson_new_from_json()` and its
need to quote the MongoDB operators. This feels completely unnatural.
How is there th
>> We probably don't need to go as far as parsing the JSON query to ensure
>> that '%x' substitutions happen only in values and not in keys...
>
> I think it would be preferable to do this, as it catches human error that
> would result in an insecure system. One just needs to ensure that keys
> ke
