<frojnd>
@Blacksmoke16 I tried to add the list *before* the `values` keyword but I get some syntax errors: Unhandled exception: syntax error at or near "args" (PQ::PQError) This is how I tried to do it: https://termbin.com/k20wt But is there something I can read more about postgres and crystal?
Vexatos has quit [Quit: Client Quit]
Vexatos has joined #crystal-lang
jmd_ has quit [Ping timeout: 252 seconds]
<frojnd>
This: `db.exec "insert into app values (package, version_code, version_name, md5)", "foo.bar", 4, "2323", "asdfasdfasdfasfda"` should just work according to: https://crystal-lang.org/reference/1.4/database/index.html or are there any other docs?
ur5us has joined #crystal-lang
ur5us_ has joined #crystal-lang
ur5us has quit [Ping timeout: 240 seconds]
Starfoxxes has quit [Ping timeout: 260 seconds]
Starfoxxes has joined #crystal-lang
notzmv has quit [Ping timeout: 252 seconds]
Starfoxxes has quit [Ping timeout: 248 seconds]
Starfoxxes has joined #crystal-lang
debayer has joined #crystal-lang
ur5us_ has quit [Remote host closed the connection]
ur5us_ has joined #crystal-lang
<FromGitter>
<cuteghost> Hi, can anyone help me understand something? I am trying to exploit POST XSS by leveraging CSRF vulnerability. I came across the problem that I can not use the standard <form> tag and auto submit it to the API since the API only accepts the application/json and the vulnerable parameter is in json. I am thinking if I can intercept the request w/ HTTP::Handler and modify the Content-Type to be application/json
<FromGitter>
... and pass it to the server. Once the server gives me back the response can I redirect the client to that page with a response that came back from the API server to the Crystal server?
<FromGitter>
<cuteghost> I would like to get the same functionality as the <form> tag has, once a post request is submitted the user is redirected to that page.
analogsalad has joined #crystal-lang
ur5us_ has quit [Ping timeout: 240 seconds]
Sankalp has quit [Read error: Connection reset by peer]
Sankalp has joined #crystal-lang
notzmv has joined #crystal-lang
<FromGitter>
<Blacksmoke16> frojnd: to be clear i mean you want to do like `insert into app (name, package, version_code, version_name, md5) values ($1, $2, $3, $4, $5)`
<FromGitter>
<Blacksmoke16> `db.exec "insert into app (name, package, version_code, version_name, md5) values ($1, $2, $3, $4, $5)", "foo.bar", 4, "2323", "asdfasdfasdfasfda"` to be explicit
<frojnd>
@Blacksmoke16 Thank you yeah. Not sure what should I look for plain postgres sql syntax or am I missing some other crystal pg documentation
<FromGitter>
<Blacksmoke16> er i think in that example theres 1 too many args than what i provided, but you get the idea i think
<frojnd>
yeah
<FromGitter>
<Blacksmoke16> i.e. the list of columns you're inserting goes before `values`, then the values (or placeholders) go after
analogsalad has quit [Quit: bye]
Sankalp- has joined #crystal-lang
Sankalp has quit [Ping timeout: 248 seconds]
Sankalp- is now known as Sankalp
<FromGitter>
<moe:busyloop.net> that's one of the warts on SQL. painfully redundant and error prone.
debayer has quit [Quit: if you can't play with it, why bother?]
analogsalad has joined #crystal-lang
analogsalad has quit [Quit: bye]
yxhuvud has quit [Quit: No Ping reply in 180 seconds.]
yxhuvud has joined #crystal-lang
postmodern has joined #crystal-lang
<postmodern>
which http/2 shard do people use?
jmdaemon has joined #crystal-lang
ur5us_ has joined #crystal-lang
Sankalp has quit [Ping timeout: 256 seconds]
<postmodern>
also is there a shard for handling rate limiting and backoff?
<postmodern>
also does HTTP::Client automatically URI escape the given URL?