IntenseWebs/pgadmin4
3
0
Fork 0
mirror of https://github.com/pgadmin-org/pgadmin4.git synced 2025-02-25 18:55:31 -06:00
Code Issues Packages Projects Releases Wiki Activity

Ensure object names in external process dialogues are properly escaped. Fixes #3872

Browse Source
This commit is contained in:
Murtuza Zabuawala
2019-01-24 16:34:18 +00:00
committed by Dave Page
parent 42c7ae372f
commit d9fc9fdc4d
9 changed files with 121 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
web/pgadmin/tools/import_export/__init__.py
View File

@@ -83,7 +83,6 @@ class IEMessage(IProcessDesc):
def cmdArg(x):
if x:
x = html.safe_str(x)
x = x.replace('\\', '\\\\')
x = x.replace('"', '\\"')
x = x.replace('""', '\\"')
@@ -116,7 +115,11 @@ class IEMessage(IProcessDesc):
"Copying table data '{0}.{1}' on database '{2}' "
"and server ({3}:{4})"
).format(
self.schema, self.table, self.database, s.host, s.port
html.safe_str(self.schema),
html.safe_str(self.table),
html.safe_str(self.database),
html.safe_str(s.host),
html.safe_str(s.port)
)
@property