Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against SQL injection on PostgreSQL.

author: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2022-04-01 13:48:47 +0200
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2022-04-11 08:59:58 +0200
commit: 6723a26e59b0b5429a0c5873941e01a2e1bdbb81 (patch)
tree: 59bbe514736c482903de4d92046e9f58594680d3 /django/db/backends/postgresql/features.py
parent: 93cae5cb2f9a4ef1514cf1a41f714fef08005200 (diff)
download: django-6723a26e59b0b5429a0c5873941e01a2e1bdbb81.tar.gz
1 files changed, 0 insertions, 1 deletions
diff --git a/django/db/backends/postgresql/features.py b/django/db/backends/postgresql/features.py
index 5e6752b97a..8aae4caf34 100644
--- a/django/db/backends/postgresql/features.py
+++ b/django/db/backends/postgresql/features.py
@@ -54,7 +54,6 @@ class DatabaseFeatures(BaseDatabaseFeatures):
     only_supports_unbounded_with_preceding_and_following = True
     supports_aggregate_filter_clause = True
     supported_explain_formats = {"JSON", "TEXT", "XML", "YAML"}
-    validates_explain_options = False  # A query will error on invalid options.
     supports_deferrable_unique_constraints = True
     has_json_operators = True
     json_key_contains_list_matching_requires_list = True
author	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2022-04-01 13:48:47 +0200
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2022-04-11 08:59:58 +0200
commit	6723a26e59b0b5429a0c5873941e01a2e1bdbb81 (patch)
tree	59bbe514736c482903de4d92046e9f58594680d3 /django/db/backends/postgresql/features.py
parent	93cae5cb2f9a4ef1514cf1a41f714fef08005200 (diff)
download	django-6723a26e59b0b5429a0c5873941e01a2e1bdbb81.tar.gz