RE: Question about password character in ECPG's connection string
Egashira, Yusuke <egashira.yusuke@jp.fujitsu.com>
From: "Egashira, Yusuke" <egashira.yusuke@jp.fujitsu.com>
To: 'Luca Ferrari' <fluca1978@gmail.com>, Alban Hertroys <haramrae@gmail.com>, "pgsql-general@postgresql.org" <pgsql-general@postgresql.org>
Cc: Adrian Klaver <adrian.klaver@aklaver.com>, Giuseppe Sacco <giuseppe@eppesuigoccas.homedns.org>
Date: 2019-08-29T11:08:37Z
Lists: pgsql-general
> > Perhaps it helps to URL-encode the & in the password as %26?
>
> The OP already did without success.
Yes, I already get failed with URL-encode the &.
> Could it be needed to escape the & with the backslash or single ticks?
Thanks. I tested with "pass\&word" and "'pass&word'".
However, them also failed...
My tested ways are followings.
- [ECPG] Connection option with plain string :
EXEC SQL CONNECT "tcp:postgresql://localhost?user=myuser&password=pass&word"
-> Failed.
- [ECPG] Connection option with percent-encoded string :
EXEC SQL CONNECT "tcp:postgresql://localhost?user=myuser&password=pass%26word"
-> Failed.
- [ECPG] Connection option with backslash escaped string :
EXEC SQL CONNECT "tcp:postgresql://localhost?user=myuser&password=pass\&word"
-> Failed. (and gcc claims warning)
- [ECPG] Connection option with single-quoted string :
EXEC SQL CONNECT "tcp:postgresql://localhost?user=myuser&password='pass&word'"
-> Failed.
- [ECPG] USING or IDENTIFIED BY phrase :
EXEC SQL CONNECT "tcp:postgresql://localhost" USER "myuser" USING "pass&word"
EXEC SQL CONNECT "tcp:postgresql://localhost" USER "myuser" IDENTIFIED BY "pass&word"
-> Success.
- [psql] Connection option with plain string :
psql "postgresql://localhost?user=myuser&password=pass&word"
-> Failed.
- [psql] Connection option with percent-encoded string :
psql "postgresql://localhost?user=myuser&password=pass%26word"
-> Success.
According to my tests, I think that the ECPG's connection_option seems not to accept '&' character as password anyhow...
ECPG CONNECT's connection_option seems to have some restricted characters.
I will use "IDENTIFIED BY" phrase to connect the database in my ECPG application.
The database role's password often contains '&' in our environment.
I hope to this limitation will be documented because it causes confusion.
Regards.
--
Yusuke, Egashira
Commits
-
Doc: describe the "options" allowed in an ECPG connection target string.
- fd198a89ba89 9.6.16 landed
- bea87c02cee7 9.4.25 landed
- 942b78af81aa 9.5.20 landed
- 9230cc706df0 10.11 landed
- 756349c87b85 13.0 landed
- 5eec908c3c2e 12.0 landed
- 232f645ae20f 11.6 landed
-
Cosmetic improvements for options-handling code in ECPGconnect().
- b61a5e6a1f8d 13.0 landed