Can't find anything in the docs as to whether query strings passed into
Session.execute are escaped/safe from SQL injection. Any insights? Thanks.
--
You received this message because you are subscribed to the Google Groups
sqlalchemy group.
To post to this group, send email to
On Feb 28, 2011, at 5:35 PM, Ryan wrote:
Can't find anything in the docs as to whether query strings passed into
Session.execute are escaped/safe from SQL injection. Any insights? Thanks.
A literal query string is only safe against injection if you ensure that the
string contains no
Great. Thank you.
On Mon, Feb 28, 2011 at 9:37 PM, Michael Bayer mike...@zzzcomputing.comwrote:
On Feb 28, 2011, at 5:35 PM, Ryan wrote:
Can't find anything in the docs as to whether query strings passed into
Session.execute are escaped/safe from SQL injection. Any insights? Thanks.
A