I don't think this is Spark-specific. Mostly you need to escape / quote user-supplied values as with any SQL engine.
On Thu, Sep 10, 2015 at 7:32 AM, V Dineshkumar <developer.dines...@gmail.com> wrote: > Hi, > > What is the preferred way of avoiding SQL Injection while using Spark SQL? > In our use case we have to take the parameters directly from the users and > prepare the SQL Statement.I was not able to find any API for preparing the > SQL statement safely avoiding injection. > > Thanks, > Dinesh > Philips India --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@spark.apache.org For additional commands, e-mail: user-h...@spark.apache.org