zhongjiajie commented on code in PR #15433:
URL:
https://github.com/apache/dolphinscheduler/pull/15433#discussion_r1443688964
##########
dolphinscheduler-datasource-plugin/dolphinscheduler-datasource-mysql/src/main/java/org/apache/dolphinscheduler/plugin/datasource/mysql/param/MySQLDataSourceProcessor.java:
##########
@@ -140,7 +132,32 @@ public Connection getConnection(ConnectionParam
connectionParam) throws ClassNot
log.warn("sensitive param : {} in password field is filtered",
AUTO_DESERIALIZE);
password = password.replace(AUTO_DESERIALIZE, "");
}
- return DriverManager.getConnection(getJdbcUrl(connectionParam), user,
password);
+
+ Properties connectionProperties =
getConnectionProperties(mysqlConnectionParam, user, password);
+
+ return DriverManager.getConnection(getJdbcUrl(connectionParam),
connectionProperties);
+ }
+
+ private Properties getConnectionProperties(MySQLConnectionParam
mysqlConnectionParam, String user,
+ String password) {
+ Properties connectionProperties = new Properties();
+ connectionProperties.put("user", user);
+ connectionProperties.put("password", password);
+ Map<String, String> paramMap = mysqlConnectionParam.getOther();
+ if (MapUtils.isNotEmpty(paramMap)) {
+ paramMap.forEach((k, v) -> {
+ if (!checkKeyIsLegitimate(k)) {
+ log.info("Key `{}` is not legitimate for security reason",
k);
+ return;
+ }
+ connectionProperties.put(k, v);
+ });
+ }
+ connectionProperties.put(AUTO_DESERIALIZE, "false");
+ connectionProperties.put(ALLOW_LOAD_LOCAL_IN_FILE_NAME, "false");
+ connectionProperties.put(ALLOW_LOCAL_IN_FILE_NAME, "false");
+ connectionProperties.put(ALLOW_URL_IN_LOCAL_IN_FILE_NAME, "false");
Review Comment:
Seem L150 already add log for it
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
