Re: expand_dbname in postgres_fdw

Arseny Sher <a(dot)sher(at)postgrespro(dot)ru> writes:
> Attached patch allows dbname expansion and makes sure that it doesn't
> contain any invalid options.

I'm pretty much against this in principle. It complicates both the code
and the conceptual API, for no serious gain, even if you take it on faith
that it doesn't and never will produce any security issues.

> Whether you decide to commit it or not
> (at the moment I don't see any security implications, at least not more than
> in usual dbname expansion usage, e.g. in psql, but who knows), it seems
> to me that the documentation should be updated since currently it is not
> clear on the subject, as the beginning of this thread proves.

I really don't see anything wrong with the FDW's documentation. To claim
that it's not clear, you have to suppose that a connstring's dbname field
is allowed to recursively contain a connstring. However, if you've got a
concrete suggestion about improving the wording, let's see it.

Now on the other hand, libpq's documentation seems a little confusing
on this point independently of the FDW: so far as I can see, what "certain
contexts" means is not clearly defined anywhere, and for that matter
"checked for extended formats" is a masterpiece of unhelpful obfuscation.

regards, tom lane