I've looked for information on leakproofness of operators but haven't found anything can you direct me to a source of this information?
On Fri, Jul 24, 2020 at 3:40 PM Ted Toth <txtoth@xxxxxxxxx> wrote:
On Fri, Jul 24, 2020 at 3:15 PM Tom Lane <tgl@xxxxxxxxxxxxx> wrote:Ted Toth <txtoth@xxxxxxxxx> writes:
> I'm trying to understand when RLS select policy is applied so I created the
> follow to test but I don't understand why the query filter order is
> different for the 2 queries can anyone explain?
The core reason why not is that the ~~ operator isn't considered
leakproof. Plain text equality is leakproof, so it's safe to evaluate
ahead of the RLS filter --- and we'd rather do so because the plpgsql
function is assumed to be much more expensive than a built-in operator.
(~~ isn't leakproof because it can throw errors that expose information
about the pattern argument.)
regards, tom laneThanks for the explanation.Ted
