oci/zeronet
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow only SELECT in storage.query

Browse source
This commit is contained in:
shortcutme 2018-12-15 17:45:17 +01:00
parent edc1a71d0d
commit 4fe6ae9811
No known key found for this signature in database
GPG key ID: 5B63BAE6CB9613AE
2 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/Ui/UiWebsocket.py
View file

@ -669,8 +669,6 @@ class UiWebsocket(object):
s = time.time()
rows = []
try:
if not query.strip().upper().startswith("SELECT"):
raise Exception("Only SELECT query supported")
res = self.site.storage.query(query, params)
except Exception, err: # Response the error to client
self.log.error("DbQuery error: %s" % err)