You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I took a stab at a safe implementation here. Welcome any feedback.
One potentially controversial decision i made was to ignore the actual filepath specified in the SQL (and then passed by the server back to the client when asking for the data). Instead, i require that the SQL request involving a LOCAL INFILE explicitly supply the data to send the server. I believe this addresses the security concerns, but at some inconvenience to the user.
https://dev.mysql.com/doc/internals/en/com-query-response.html#packet-Protocol::LOCAL_INFILE_Data
The text was updated successfully, but these errors were encountered: