The CQL drivers are all still sitting on top of the execute_cql_query Thrift API method for now.
On Wed, Jun 29, 2011 at 2:12 PM, <dnalls...@taz.qinetiq.com> wrote: > > Someone asked a while ago whether Cassandra was vulnerable to injection > attacks: > > http://stackoverflow.com/questions/5998838/nosql-injection-php-phpcassa-cassandra > > With Thrift, the answer was 'no'. > > With CQL, presumably the situation is different, at least until prepared > statements are possible (CASSANDRA-2475) ? > > Has there been any discussion on this already that someone could point me to, > please? I couldn't see anything on JIRA (searching for CQL AND injection, CQL > AND security, etc). > > Thanks. > > ---------------------------------------------------------------- > This message was sent using IMP, the Internet Messaging Program. > > This email and any attachments to it may be confidential and are > intended solely for the use of the individual to whom it is addressed. > If you are not the intended recipient of this email, you must neither > take any action based upon its contents, nor copy or show it to anyone. > Please contact the sender if you believe you have received this email in > error. QinetiQ may monitor email traffic data and also the content of > email for the purposes of security. QinetiQ Limited (Registered in > England & Wales: Company Number: 3796233) Registered office: Cody Technology > Park, Ively Road, Farnborough, Hampshire, GU14 0LX http://www.qinetiq.com. >
