SELECT-only Enforcement
How Conexor prevents data modification through SQL injection
Overview
By default, Conexor only allows SELECT queries to be executed. This prevents accidental or malicious data modification through the MCP interface.
Blocked Keywords
The following SQL keywords are blocked in query templates:
INSERT, UPDATE, DELETE, DROP, CREATE, ALTER, TRUNCATE, MERGE, GRANT, REVOKE, EXEC, EXECUTE, sp_, xp_
Also blocked:
- -- (single-line comments)
- /* ... */ (multi-line comments)
- ; (semicolon, which prevents query chaining)
How It Works
Before execution, every query is validated:
- Remove all comments from the query
- Check for blocked keywords
- Verify the query starts with SELECT (or WITH for CTEs)
- Enforce row limit (based on plan tier)
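The validation steps above, re-implemented in Python as an added example (this is not Conexor's C# code): it performs steps 1 to 3 and rejects semicolons, while the row limit of step 4 depends on the plan tier and is not modelled. Unlike the substring test in the C# snippet below, it matches whole keywords, so a column such as LastUpdated is not rejected; string literals are still scanned, so a blocked word inside a WHERE value is rejected as it is by the substring test. The keyword list comes from this page; the sample queries are constructed.

```python
import re

# Keywords from the Blocked Keywords list on this page, upper-cased because
# the query is upper-cased before the check.
BLOCKED_KEYWORDS = (
    "INSERT", "UPDATE", "DELETE", "DROP", "CREATE", "ALTER", "TRUNCATE",
    "MERGE", "GRANT", "REVOKE", "EXEC", "EXECUTE", "SP_", "XP_",
)

# Step 1: a string literal is kept as-is; a -- or /* */ comment is dropped,
# so a keyword hidden in a comment cannot slip past or block the check.
_STRING_OR_COMMENT = re.compile(
    r"('(?:[^']|'')*')"     # single-quoted literal, '' escapes a quote
    r"|--[^\r\n]*"          # single-line comment
    r"|/\*.*?\*/",          # multi-line comment, shortest match
    re.DOTALL,
)

def remove_comments(sql: str) -> str:
    """Strip SQL comments without touching string literals."""
    return _STRING_OR_COMMENT.sub(lambda m: m.group(1) or " ", sql)

# Step 2: whole-word match; SP_ and XP_ are prefixes so they get no
# trailing boundary.
_BLOCKED = re.compile("|".join(
    r"\b" + re.escape(k) + ("" if k.endswith("_") else r"\b")
    for k in BLOCKED_KEYWORDS
))

def is_select_query(sql: str) -> tuple[bool, str]:
    """Return (allowed, reason) following the How It Works steps 1-3."""
    stripped = remove_comments(sql)                       # step 1
    if ";" in stripped:                                   # no chaining
        return False, "semicolon: query chaining is not allowed"
    normalized = stripped.strip().upper()
    hit = _BLOCKED.search(normalized)                     # step 2
    if hit:
        return False, f"blocked keyword {hit.group(0)}"
    if not re.match(r"(?:SELECT|WITH)\b", normalized):    # step 3
        return False, "query must start with SELECT or WITH"
    return True, "ok"

# Constructed sample queries (not from any real workload).
SAMPLES = (
    "WITH TopCustomers AS (SELECT CustomerId FROM Orders) SELECT * FROM TopCustomers",
    "SELECT LastUpdated FROM Orders /* audit view */",
    "SELECT 1; DROP TABLE Orders",
    "UPDATE Orders SET Total = 0",
)

def check_samples() -> dict[str, bool]:
    """Map each sample query to whether the validator allows it."""
    return {q: is_select_query(q)[0] for q in SAMPLES}
```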
using System.Linq; // for .Any()

private bool IsSelectQuery(string sql)
{
    // Strip -- and /* */ comments first, so a keyword cannot be hidden inside one
    var normalized = RemoveComments(sql).Trim().ToUpperInvariant();
    // Blocked keywords, upper case to match the normalised query (full list above).
    // This is a substring test, so an identifier such as LastUpdated is also rejected.
    var blocked = new[] { "INSERT", "UPDATE", "DELETE", "DROP", /* ... remaining keywords from the list above */ };
    if (blocked.Any(kw => normalized.Contains(kw)))
        return false;
    // Must start with SELECT or WITH (for CTEs)
    return normalized.StartsWith("SELECT") || normalized.StartsWith("WITH");
}
Common Table Expressions (CTEs)
WITH clauses are allowed because they're commonly used for complex SELECT queries:
-- This is allowed
WITH TopCustomers AS (
    SELECT CustomerId, SUM(Total) AS TotalSpent
    FROM Orders
    GROUP BY CustomerId
)
SELECT * FROM TopCustomers WHERE TotalSpent > 10000
Disabling SELECT-only Mode
For data sources that require INSERT/UPDATE/DELETE, you can enable "Allow All Queries" in the data source settings. This bypasses the SELECT-only validation described above, including its keyword and query-chaining checks, so enable it only for data sources where writes through the MCP interface are intended.
Row Limits
All queries are subject to a row limit that depends on your plan (see the billing page for details). This prevents runaway queries from consuming excessive resources. Use pagination for larger result sets.