[Dbix-class] set_column with references - possible SQL injection

Matt S Trout mst at shadowcat.co.uk
Sat Apr 28 02:01:07 GMT 2018


On Sun, Feb 11, 2018 at 04:49:25PM +0100, Peter Rabbitson wrote:
> I suspect this should go into the default set shipped with
> SQL::Abstract [3] , but have not yet done any testing / analysis of
> how much impact this would have.
> 
> As a first step I'd recommend you contact the mojolicious people
> with this workaround, as they currently seem to be the primary
> driver behind SQLA things.

I'd be delighted to discuss this, but it would require either you to
retract your personal attacks on ilmari, the SQL::Abstract maintainer,
or to nominate a proxy to discuss this who is capable of discussing this
like an adult.

-- 
Matt S Trout - Shadowcat Systems - Perl consulting with a commit bit and a clue

http://shadowcat.co.uk/blog/matt-s-trout/   http://twitter.com/shadowcat_mst/

Email me now on mst (at) shadowcat.co.uk and let's chat about how our CPAN
commercial support, training and consultancy packages could help your team.



More information about the DBIx-Class mailing list