mik-laj commented on a change in pull request #17847:
URL: https://github.com/apache/airflow/pull/17847#discussion_r696662423
##########
File path: scripts/in_container/prod/entrypoint_prod.sh
##########
@@ -83,24 +84,12 @@ function wait_for_connection {
# It tries `CONNECTION_CHECK_MAX_COUNT` times and sleeps
`CONNECTION_CHECK_SLEEP_TIME` between checks
local connection_url
connection_url="${1}"
- local detected_backend=""
- local detected_host=""
- local detected_port=""
-
- # Auto-detect DB parameters
- # Examples:
- # postgres://YourUserName:password@YourHostname:5432/YourDatabaseName
- # postgres://YourUserName:password@YourHostname:5432/YourDatabaseName
- # postgres://YourUserName:@YourHostname:/YourDatabaseName
- # postgres://YourUserName@YourHostname/YourDatabaseName
- [[ ${connection_url} =~
([^:]*)://([^:@]*):?([^@]*)@?([^/:]*):?([0-9]*)/([^\?]*)\??(.*) ]] && \
- detected_backend=${BASH_REMATCH[1]} &&
- # Not used USER match
- # Not used PASSWORD match
- detected_host=${BASH_REMATCH[4]} &&
- detected_port=${BASH_REMATCH[5]} &&
- # Not used SCHEMA match
- # Not used PARAMS match
+ local detected_backend
+ detected_backend=$(python -c "from urllib.parse import urlsplit;
print(urlsplit('${connection_url}').scheme)")
Review comment:
```suggestion
detected_backend=$(python -c "from urllib.parse import urlsplit; import
sys; print(urlsplit(sys.argv[1]).scheme)" "${connection_url}")
```
I am concerned that some inputs may lead to Command Injection and therefore
incorrect script behavior.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
