darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-24 09:21:39 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
bdd77f9150fde59d71fdc837ff4cd2cbf0d62896
notifications-api/tests
History
Chris Hill-Scott bdd77f9150 Escape special characters in search by recipient 
SQLAlchemy handles escaping anything that could allow a SQL injection
attack. But it doesn’t escape the characters used for wildcard
searching. This is the reason we’re able to do `.like('%example%')`
at all.

But we shouldn’t be letting our users search with wildcard characters,
so we need to escape them. Which is what this commit does.
2018-03-14 10:51:34 +00:00
..
app
Escape special characters in search by recipient
2018-03-14 10:51:34 +00:00
__init__.py
conftest.py
add tests for org invite rest, and update conftest
2018-02-23 10:45:18 +00:00
test_manifest_delivery_base.py