1 legacy code before I read up on the need for the extra = to be added. I'll do a search for any lingering mis matches like that.

2 My plan is to convert most of the xmlhttprequest code to either a proper networking stack or web sockets. In a future release, and I agree that code is a little redundant.

3 I think we're going to sound like a broken record after a while, the data that could cause the injection isn't human accessible and scrubbed in other parts of the program. However, I have found a method that seems to work with Qt's SQL implementation and will start replacing the insecure code with a more secure version.

I'm never sure if you're a bot or not, but thanks for all the work you do for utopian.