cassandra-client-dev mailing list archives

From Jonathan Ellis <>
Subject Re: PHP Cassandra CQL driver
Date Tue, 29 Mar 2011 14:54:32 GMT
On Tue, Mar 29, 2011 at 9:41 AM, Courtney Robinson <> wrote:
> My suggestion as a means of heavily mitigating the damage of these attacks would be to
> only permit a single query at a time (i.e. remove the ';' token). Only trusted, administrative
> client applications (e.g. a GUI or console) should really permit issuing multiple queries
> like this. Such clients could decompose the queries into separate queries and issue them


; should only be used to let an interactive interface know "that's
the end of my query."

Jonathan Ellis
Project Chair, Apache Cassandra
co-founder of DataStax, the source for professional Cassandra support
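
The single-statement restriction discussed in this message, sketched as an added example (not code from the thread or from any Cassandra driver): a console-side splitter that treats ';' only as an end-of-query marker, and a driver-side guard that refuses input containing more than one statement. The function names and the sample input are hypothetical, and the quoting rule (single-quoted literals, an embedded quote written as '') is an assumption; comments are not handled.

```python
# Added example. Assumption: string literals are single-quoted and an
# embedded quote is written as '' (two quotes). Comments are not handled.

# Constructed sample input for an interactive console.
CONSOLE_INPUT = "USE ks; SELECT * FROM users WHERE name = 'a;b';"


def split_statements(script: str) -> list[str]:
    """Split console input on ';' found outside string literals."""
    statements, current, in_string = [], [], False
    i = 0
    while i < len(script):
        ch = script[i]
        if in_string:
            current.append(ch)
            if ch == "'":
                if script[i + 1:i + 2] == "'":  # doubled quote: still inside
                    current.append("'")
                    i += 1
                else:
                    in_string = False
        elif ch == "'":
            in_string = True
            current.append(ch)
        elif ch == ";":  # terminator: close the current statement
            stmt = "".join(current).strip()
            if stmt:
                statements.append(stmt)
            current = []
        else:
            current.append(ch)
        i += 1
    if in_string:
        raise ValueError("unterminated string literal")
    tail = "".join(current).strip()
    if tail:
        statements.append(tail)
    return statements


def require_single_statement(query: str) -> str:
    """Driver-side guard: accept exactly one statement, drop a trailing ';'."""
    parts = split_statements(query)
    if len(parts) != 1:
        raise ValueError(f"expected 1 statement, got {len(parts)}")
    return parts[0]
```

A trusted console would call `split_statements` and send each element separately; an application-facing driver would pass every query through `require_single_statement` before sending it.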
