Autoescaping startswith
The current implementation of the .startswith filter does not escape _ and % characters, so they match any character/any character sequence. This is rather unexpected (at least the fact that .startswith("a_b") finds "a/b" was fairly surprising for me) and requires users to manually escape parameters. See http://pastebin.com/qsCjybMz for a short script which illustrates the current behaviour.
It would be nice to have a .startswith which automatically escapes its parameter. As in #1169 I was warned that the current default must be kept, and introducing a new name is not very aesthetic, I would suggest a new parameter, for example
.startswith("a_b", autoescape=True)
(SQLAlchemy escapes string using whatever character is best and safest for given db backend) and
.startswith("a_b", autoescape='#')
(SQLAlchemy uses given escape character)
Note: I am not sure whether/what should be done in case we .startswith(dbcolumn)
Note 2: startswith docs could really mention (current) escape param, (current) % and _ active behaviour and (implemented here) new param.
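The behaviour reported above, reproduced as an added example that is not part of the original issue and is not SQLAlchemy's implementation. It uses the standard-library sqlite3 module; the table `docs`, the helpers `escape_like` and `starts_with`, the `/` escape character and the sample rows are all assumptions constructed for illustration.

```python
import sqlite3

def escape_like(value, escape_char="/"):
    """Return value with LIKE wildcards escaped so they match literally."""
    if len(escape_char) != 1 or escape_char in "%_":
        raise ValueError("escape character must be one non-wildcard character")
    # Double the escape character first, otherwise the escapes added for
    # % and _ below would themselves be escaped again.
    value = value.replace(escape_char, escape_char * 2)
    return value.replace("%", escape_char + "%").replace("_", escape_char + "_")

def starts_with(conn, prefix, autoescape=False, escape_char="/"):
    """Prefix search over docs.path (hypothetical helper, not the ORM method)."""
    if not isinstance(prefix, str):
        # Mirrors the suggestion in the comments: only plain strings are handled.
        raise NotImplementedError("autoescape needs a plain string value")
    if autoescape:
        sql = "SELECT path FROM docs WHERE path LIKE ? ESCAPE ? ORDER BY path"
        params = (escape_like(prefix, escape_char) + "%", escape_char)
    else:
        # Current behaviour: _ and % inside the prefix stay active wildcards.
        sql = "SELECT path FROM docs WHERE path LIKE ? ORDER BY path"
        params = (prefix + "%",)
    return [row[0] for row in conn.execute(sql, params)]

def demo_db():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE docs (path TEXT)")
    rows = ["a_b.txt", "a/b.txt", "axb.txt", "a%b.txt", "abc.txt"]
    conn.executemany("INSERT INTO docs VALUES (?)", [(r,) for r in rows])
    return conn

if __name__ == "__main__":
    conn = demo_db()
    print("unescaped a_b:", starts_with(conn, "a_b"))
    print("escaped   a_b:", starts_with(conn, "a_b", autoescape=True))
    print("unescaped a% :", starts_with(conn, "a%"))
    print("escaped   a% :", starts_with(conn, "a%", autoescape=True))
```

The unescaped form matters most when the prefix comes from a user or tenant identifier: a value containing `_` or `%` silently widens the match to rows the caller did not ask for.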
Comments (10)
-
reporter -
repo owner yeah definitely kw argument and i think if the given expression is not a string it has to raise NotImplementedError().
-
repo owner - changed milestone to 0.x.xx
-
repo owner - changed milestone to 1.x.xx
-
repo owner - changed milestone to 1.1
-
repo owner - changed milestone to 1.2
-
repo owner current gerrit at https://gerrit.sqlalchemy.org/#/c/17/
-
repo owner this might be in good shape to go in for 1.2, gerrit looks good + lots of great new docstrings
-
repo owner - changed status to resolved
add autoescape option to startswith, endswith, and contains
Fixes: #2694
Change-Id: I34c0bdcb01c2b76b9ab6cd315dae13e3dd8a502b
Pull-request: https://github.com/zzzeek/sqlalchemy/pull/207
→ <<cset 2895c57b29c5>>
(added benefit of introducing behaviour as new param not new function: the whole problem would be more likely to be noticed by .startswith users)