thmeitz / ksqldb-go Goto Github PK
View Code? Open in Web Editor NEWksqldb-go client
License: Apache License 2.0
ksqldb-go client
License: Apache License 2.0
Hi,
I am very new with go and I don't know how to access the values of the headerChannel from the push api example.
go func() {
for row := range rowChannel {
if row != nil {
for row_col := range row {
fieldn := row[row_col].(string)
//var header ksqldb.Header
header := <- headerChannel
fmt.Printf("%+v\n",header)
fmt.Printf("%d : %s\n", row_col, fieldn)
}
}
}
cancelFunction()
}()
I did something like this in the go routine. The header values are displayed in the console :
{queryId:transient_USER_BEHAVIOR_4058313251310728391 columns:[{Name:EXE Type:STRING}]}
But I cannot access any field of the Header type. I have the following error header.queryId undefined (type ksqldb.Header has no field or method
if I call this instruction :
fmt.Printf("%s\n",header.queryId)
Do you know what is the problem ?
I use go 1.18 with ksqldb-go v0.0.4
Currently, there is no way to propagate a context to HTTP requests which means that the client does not respect cancellations and timeouts and tracing is also not possible.
Generally, context support can be added in a backwards compatible way by creating new functions for each request, attaching Context
or Ctx
as a suffix.
Would you be open to accepting a contribution with this change?
(e.g. commandID, commandStatus.status, etc).
Hello,
It looks like SQL injection is still possible on ksqldb package if the parameter has single quotes in it.
k := `SELECT TIMESTAMPTOSTRING(WINDOWSTART,'yyyy-MM-dd HH:mm:ss','Europe/London') AS WINDOW_START,
TIMESTAMPTOSTRING(WINDOWEND,'HH:mm:ss','Europe/London') AS WINDOW_END,
DOG_SIZE, DOGS_CT FROM DOGS_BY_SIZE
WHERE DOG_SIZE=?;`
stmnt, err := ksqldb.QueryBuilder(k, "middle' OR 'a'='a")
if err != nil {
log.Fatal(err)
}
fmt.Println(*stmnt)
The Cobra example results in too many dependencies being added to the package. For this reason, the examples are moved to the ksqldb-go-examples repo.
We ran into SQL syntax problems with executing queries when the raw string literal doesn't contain spaces after \n
.
eg.:
q := `CREATE STREAM IF NOT EXISTS DOGS (ID STRING KEY,
NAME STRING,
DOGSIZE STRING,
AGE STRING)
WITH (KAFKA_TOPIC='dogs',
VALUE_FORMAT='JSON', PARTITIONS=1);
`
instead of:
q := `CREATE STREAM IF NOT EXISTS DOGS (ID STRING KEY,
NAME STRING,
DOGSIZE STRING,
AGE STRING)
WITH (KAFKA_TOPIC='dogs',
VALUE_FORMAT='JSON', PARTITIONS=1);
`
I think it's very error-prone, and the SanitizeQuery
function should replace \t
and \n
with
.
implement close-push-query
SQL strings should be built by a QueryBuilder. Otherwise the system is open for SQL injections (see https://github.com/OWASP/Go-SCP/blob/master/dist/go-webapp-scp.pdf).
// it's a kind of Prepared Statement
// its an example from go-webpp-scp.pdf ;)
query := "SELECT number, expireDate, cvv FROM creditcards WHERE customerId = ?"
stmt, err := ksqldb.QueryBuilder(ctx, query).Int(customerId)
Types:
Errors:
customerId
to Int, etc)Thoughts:
This fixes this bug
Lines 157 to 159 in 1690e22
Run a query (/query endpoint) is deprecated and will not be implemented
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.