[Chameleon-dev] [Bug 1022] JSAPI: javascript error when DATA statement contains '

bugzilla-daemon at maptools.org bugzilla-daemon at maptools.org
Mon May 9 17:28:33 EDT 2005


http://www.maptools.org/bugzilla/show_bug.cgi?id=1022





------- Additional Comments From dmorissette at dmsolutions.ca  2005-05-09 17:28 -------
Ouch! Sounds scary to see that SQL statements are exposed to the JSAPI... even
just exposing the DATA statement seems dangerous to me. I know it's possible to
set DATA via the mapserv CGI and I'm not in favour of that either, but at least
I thinkit's been made very restrictive to prevent security issues.

I think I made that comment before but couldn't track the bug where I made it.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.


Please do NOT reply to this email, use the link above instead to 
login to bugzilla and submit your comment. Any email reply to this
address will be lost.


More information about the Chameleon-dev mailing list