authorSimon Charette <charette.s@gmail.com>2026-02-01 17:02:49 -0500
committerJacob Walls <jacobtylerwalls@gmail.com>2026-03-19 12:24:17 -0400
commit5146449a38222dc74f8f1ba88a7a7ef681e93101 (patch)
treecfe4afc77f73d7c0a35b754da075608b3294499b
parentf05fac88c4699c6d04a8f1ac3328cf6c7bd39228 (diff)
Refs #36795 -- Removed unnecessary prohibits_dollar_signs_in_column_aliases feature flag.
Now that user-provided aliases are systematically quoted, there is no need to disallow the usage of the dollar sign on Postgres.
-rw-r--r--django/db/backends/base/features.py4
-rw-r--r--django/db/backends/postgresql/features.py1
-rw-r--r--docs/releases/6.1.txt3
-rw-r--r--tests/annotations/tests.py14
4 files changed, 3 insertions, 19 deletions
diff --git a/django/db/backends/base/features.py b/django/db/backends/base/features.py
index 22c05f28e9..466f8199bf 100644
--- a/django/db/backends/base/features.py
+++ b/django/db/backends/base/features.py
@@ -420,10 +420,6 @@ class BaseDatabaseFeatures:
# Does the Round() database function round to even?
rounds_to_even = False
- # Should dollar signs be prohibited in column aliases to prevent SQL
- # injection?
- prohibits_dollar_signs_in_column_aliases = False
-
# Should PatternLookup.process_rhs() use self.param_pattern? It's unneeded
# on databases that don't use LIKE for pattern matching.
pattern_lookup_needs_param_pattern = True
diff --git a/django/db/backends/postgresql/features.py b/django/db/backends/postgresql/features.py
index b663adc90c..d3fae82a10 100644
--- a/django/db/backends/postgresql/features.py
+++ b/django/db/backends/postgresql/features.py
@@ -70,7 +70,6 @@ class DatabaseFeatures(BaseDatabaseFeatures):
supports_nulls_distinct_unique_constraints = True
supports_no_precision_decimalfield = True
can_rename_index = True
- prohibits_dollar_signs_in_column_aliases = True
test_collations = {
"deterministic": "C",
"non_default": "sv-x-icu",
diff --git a/docs/releases/6.1.txt b/docs/releases/6.1.txt
index 56b11deb80..82d17d5501 100644
--- a/docs/releases/6.1.txt
+++ b/docs/releases/6.1.txt
@@ -400,6 +400,9 @@ backends.
* Set the new ``DatabaseFeatures.supports_inspectdb`` attribute to ``False``
if the management command isn't supported.
+* The ``DatabaseFeatures.prohibits_dollar_signs_in_column_aliases`` feature
+ flag is removed.
+
* The ``DatabaseOperations.binary_placeholder_sql()`` method now expects a
query compiler as an extra positional argument and should return a
two-elements tuple composed of an SQL format string and a tuple of associated
diff --git a/tests/annotations/tests.py b/tests/annotations/tests.py
index 42869bf131..b94f44ef22 100644
--- a/tests/annotations/tests.py
+++ b/tests/annotations/tests.py
@@ -1574,20 +1574,6 @@ class AliasTests(TestCase):
with self.assertRaisesMessage(ValueError, msg):
Book.objects.alias(**{crafted_alias: FilteredRelation("authors")})
- def test_alias_filtered_relation_sql_injection_dollar_sign(self):
- qs = Book.objects.alias(
- **{"crafted_alia$": FilteredRelation("authors")}
- ).values("name", "crafted_alia$")
- if connection.features.prohibits_dollar_signs_in_column_aliases:
- msg = (
- "Dollar signs are not permitted in column aliases on "
- f"{connection.display_name}."
- )
- with self.assertRaisesMessage(ValueError, msg):
- list(qs)
- else:
- self.assertEqual(qs.first()["name"], self.b1.name)
-
def test_values_wrong_alias(self):
expected_message = (
"Cannot resolve keyword 'alias_typo' into field. Choices are: %s"