Allow editing of data where a primary key column includes a % sign in the value. Fixes #4036

Fix an XSS issue seen in View/Edit data mode if a column name includes HTML. Fixes #4367
2025-02-25 18:55:31 -06:00 · 2019-06-20 12:21:37 +01:00
parent 5c0ea0c012
commit 6e8ebbd375
10 changed files with 112 additions and 23 deletions
--- a/web/pgadmin/utils/driver/psycopg2/cursor.py
+++ b/web/pgadmin/utils/driver/psycopg2/cursor.py
@@ -196,6 +196,9 @@ class DictCursor(_cursor):
        Execute function
        """
        self._odt_desc = None
+        if params is not None and len(params) == 0:
+            params = None
+
        return _cursor.execute(self, query, params)

    def executemany(self, query, params=None):