Iwao AVE!
Iwao AVE!
As I wrote in my first comment, filtering characters can never be a good strategy to prevent SQL injection. Trying to filter characters is the opposite of taking the security...
Thank you for the report, @tsasaki609 . This is a duplicate of #575 actually. In your case, defining `getText()` may be sufficient, but there is no elegant workaround for complex...
@tsasaki609 , Are you proposing to update the DTD? I'm not familiar with DTD, but is it possible to avoid `` nested inside other tags like ``? ```xml ```
@tsasaki609 , We plan to address the original issue you reported in the next minor update 3.6.x (cf. #2760 )
Hello @tokuhirom , Thank you for sharing the idea, but this proposal does not seem to be useful to majority of users, I'm afraid. Here are my thoughts. --- >...
Hello @koekj , Changing to `executeUpdate` has side effects and we cannot do that. I just tested and the following test passes. So, there may be something wrong with your...
@koekj , Okay, then please create a small demo project like [these](https://github.com/harawata/mybatis-issues) and share it on your GitHub repo. To investigate this issue, we need to reproduce it on our...
Oh, by the way, if the issue is reproducible with a plain JDBC code (i.e. without MyBatis) like the one I posted, please paste it.
Last time checked, there was no official docker image, so I had to install express edition or something on my VirtualBox VM. @sap 👎
Please try the latest version. There was a possibly related fix #2709 .