Message5958

Author zyasoft
Recipients w_hunger, zyasoft
Date 2010-08-14.20:07:48
SpamBayes Score 6.60302e-06
Marked as misclassified No
Message-id <1281816469.94.0.926265253453.issue1553@psf.upfronthosting.co.za>
In-reply-to
Content
First, dbexts is definitely a module we would not include in Jython today, since it would be better to just have it be in PyPI. Secondly, it has no unit tests! That's the bigger problem here, now that Jython dev has standardized on unit testing in nearly every code change.

There are a number of encoding issues here. Besides console, another example is seen in dbexts.html function, which does not even encode the output for HTML, so it looks like it's a good candidate for a SQL injection attack.

Perhaps the functionality of dbexts (its zxJDBC support) should be merged with 
SQLPython? This is a maintained shell with an active user group. See http://packages.python.org/sqlpython/

No good answers here without some additional work and probably discussion on the jython-dev mailing list.
History
Date User Action Args
2010-08-14 20:07:49zyasoftsetmessageid: <1281816469.94.0.926265253453.issue1553@psf.upfronthosting.co.za>
2010-08-14 20:07:49zyasoftsetrecipients: + zyasoft, w_hunger
2010-08-14 20:07:49zyasoftlinkissue1553 messages
2010-08-14 20:07:48zyasoftcreate