diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2023-07-21 10:35:19 +0100 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2023-07-21 10:42:52 +0100 |
| commit | 66ce3fc9291d13fe8a7d4099942b9101aef1c38c (patch) | |
| tree | 8babf97c303c524395b5f37a8f0e0c771a16b72a | |
| parent | 9c254e6f5079a0df3e3df8cfaa0e917ac421498b (diff) | |
Docs: another note on quoting data for lookups
| -rw-r--r-- | doc/doc-docbook/spec.xfpt | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 9eb0b6b56..7a28d8107 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -7378,10 +7378,15 @@ of the following form is provided: .code ${quote_<lookup-type>:<string>} .endd -For example, the safest way to write the NIS+ query is +For example, the way to write the NIS+ query is .code [name="${quote_nisplus:$local_part}"] .endd +.cindex "tainted data" "in lookups" +.new +&*All*& tainted data used in a quoery-style lookup must be quoted +using a mechanism appropriate for the lookup type. +.wen See chapter &<<CHAPexpand>>& for full coverage of string expansions. The quote operator can be used for all lookup types, but has no effect for single-key lookups, since no quoting is ever needed in their key strings. |