New ask Hacker News story: Ask HN: Why aren't SQL queries compiled?
Ask HN: Why aren't SQL queries compiled?
2 by Harlekuin | 2 comments on Hacker News.
If the database knew what queries were running ahead of time and have them compiled you could easily defend against SQL injection because the SQL isn't being interpreted as it's run, and it would be possible to run analysis over the query to see if there are any indexes or implementations missing that could speed it up. Something like a stored procedure's variable substitution but not interpreted when called.
2 by Harlekuin | 2 comments on Hacker News.
If the database knew what queries were running ahead of time and have them compiled you could easily defend against SQL injection because the SQL isn't being interpreted as it's run, and it would be possible to run analysis over the query to see if there are any indexes or implementations missing that could speed it up. Something like a stored procedure's variable substitution but not interpreted when called.
Comments
Post a Comment