Commit 93630836 by Matthias Steffen Committed by Torkel Ödegaard

InfluxDB: Fixes single quotes are not escaped (#17398)

Fixes #17397
parent 76e5657b
...@@ -146,7 +146,7 @@ export default class InfluxQuery { ...@@ -146,7 +146,7 @@ export default class InfluxQuery {
value = this.templateSrv.replace(value, this.scopedVars); value = this.templateSrv.replace(value, this.scopedVars);
} }
if (operator !== '>' && operator !== '<') { if (operator !== '>' && operator !== '<') {
value = "'" + value.replace(/\\/g, '\\\\') + "'"; value = "'" + value.replace(/\\/g, '\\\\').replace(/\'/g, "\\'") + "'";
} }
} else if (interpolate) { } else if (interpolate) {
value = this.templateSrv.replace(value, this.scopedVars, 'regex'); value = this.templateSrv.replace(value, this.scopedVars, 'regex');
......
...@@ -139,6 +139,26 @@ describe('InfluxQuery', () => { ...@@ -139,6 +139,26 @@ describe('InfluxQuery', () => {
}); });
}); });
describe('field name with single quote should be escaped and', () => {
it('should generate correct query', () => {
const query = new InfluxQuery(
{
measurement: 'cpu',
groupBy: [{ type: 'time', params: ['auto'] }],
tags: [{ key: 'name', value: "Let's encrypt." }, { key: 'hostname', value: 'server2', condition: 'OR' }],
},
templateSrv,
{}
);
const queryText = query.render();
expect(queryText).toBe(
'SELECT mean("value") FROM "cpu" WHERE ("name" = \'Let\\\'s encrypt.\' OR "hostname" = \'server2\') AND ' +
'$timeFilter GROUP BY time($__interval)'
);
});
});
describe('query with value condition', () => { describe('query with value condition', () => {
it('should not quote value', () => { it('should not quote value', () => {
const query = new InfluxQuery( const query = new InfluxQuery(
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment