Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow escaping of literal colons in ActionRecord::Sanitization#replace_named_bind_variables #37797

Closed
wants to merge 3 commits into from
Closed

Allow escaping of literal colons in ActionRecord::Sanitization#replace_named_bind_variables #37797

wants to merge 3 commits into from

Conversation

f3ndot
Copy link
Contributor

@f3ndot f3ndot commented Nov 25, 2019

Summary

Fixes #37779.

This PR simply allows the ability to escape literal colons in SQL when using named bind params. See the above issue for a detailed description of the problem.

Other Information

If this proposal is accepted, I would love to also backport to 5.x as well.

@f3ndot
Allow use of backslashes to escape literal colons
0ba7fa6 
Despite the inconvenience of double-backslashing, the backslash was chosen
because it's a very common char to use in escaping across multiple programming
languages. A developer, without looking at documentation, may intuitively try
to use it to achieve the desired results in this scenario.

Fixes rails#37779
@rails-bot
Copy link

rails-bot bot commented Feb 23, 2020

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
Thank you for your contributions.

@rails-bot rails-bot bot added the stale label Feb 23, 2020
@f3ndot f3ndot mentioned this pull request Feb 23, 2020
Closed
@rails-bot rails-bot bot removed the stale label Feb 23, 2020
@dmitrytrager
Copy link

Can we update this one?

@victorlcampos
Copy link

Hi guys,
some news about this issue?

@rails-bot
Copy link

rails-bot bot commented Jul 27, 2020

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
Thank you for your contributions.

@rails-bot rails-bot bot added the stale label Jul 27, 2020
@rails-bot rails-bot bot closed this Aug 3, 2020
@ferrucc-io
Copy link

Would be great to update this one!

@nickurban
Copy link

This is still a problem...

@skipkayhil
Copy link
Member

I'm unable to reopen because the PR is pointing at the master branch which no longer exists, so I would recommend opening a new PR

@f3ndot f3ndot mentioned this pull request Jul 30, 2023
Merged
4 tasks
@f3ndot
Copy link
Contributor Author

f3ndot commented Jul 30, 2023

Hiya @skipkayhil, I've recreated the PR against rails/main here: #48852

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
activerecord stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ActionRecord::Sanitization, replace_named_bind_variables raises exception if timestamp format text present
6 participants
@f3ndot @dmitrytrager @victorlcampos @ferrucc-io @nickurban @skipkayhil