fuweng11 opened a new issue, #8603:
URL: https://github.com/apache/inlong/issues/8603

   ### What happened
   
   Fix the vulnerability to security attacks for the MySQL JDBC URL.
   Some sensitive params' values are set to false when the JDBC URL has a 
sensitive param, like "autoDeserialize", "allowLoadLocalInfile"...
   But in some MySQL JDBC versions the allowLoadLocalInfile default value is 
true, which means an attacker doesn't need to set the allowLoadLocalInfile param 
in the JDBC URL, and the sensitive params check will be bypassed.
   For example, in MySQL connector version 8.0.12, the allowLoadLocalInfile 
default value is DEFAULT_VALUE_TRUE.
   
   ### What you expected to happen
   
   Explicitly set the parameter in question to false when filtering for 
sensitive parameters.
   
   ### How to reproduce
   
   Use MySQL connector version 8.0.12.
   
   ### Environment
   
   _No response_
   
   ### InLong version
   
   master
   
   ### InLong Component
   
   InLong Manager
   
   ### Are you willing to submit PR?
   
   - [X] Yes, I am willing to submit a PR!
   
   ### Code of Conduct
   
   - [X] I agree to follow this project's [Code of 
Conduct](https://www.apache.org/foundation/policies/conduct)
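
The gap reported above, as an added example that is not InLong's code: a filter that only rewrites sensitive keys already present in the URL leaves the driver default in effect when the key is omitted, while pinning every sensitive key to false does not. The class name, method names and sample URLs are assumptions made for illustration, and only the two keys the issue names are covered.

```java
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

public class MysqlUrlFilter {
    // The two keys named in the issue; its own list is longer but elided there.
    static final List<String> SENSITIVE = List.of("autoDeserialize", "allowLoadLocalInfile");

    /** Rewrites a sensitive key only when the URL already carries it. */
    static String overrideIfPresent(String url) { return rewrite(url, false); }

    /** Requested behaviour: every sensitive key ends up explicitly false. */
    static String forceFalse(String url) { return rewrite(url, true); }

    // Match case-insensitively so a differently cased key is not missed.
    private static String canonical(String key) {
        for (String s : SENSITIVE) if (s.equalsIgnoreCase(key)) return s;
        return null;
    }

    private static String rewrite(String url, boolean addMissing) {
        int q = url.indexOf('?');
        String base = q < 0 ? url : url.substring(0, q);
        List<String> out = new ArrayList<>();
        Set<String> handled = new HashSet<>();
        if (q >= 0) {
            // Simplification: keys are compared as written, without percent-decoding.
            for (String pair : url.substring(q + 1).split("&")) {
                if (pair.isEmpty()) continue;
                int eq = pair.indexOf('=');
                String name = canonical(eq < 0 ? pair : pair.substring(0, eq));
                if (name == null) { out.add(pair); continue; }   // not sensitive: keep
                if (handled.add(name)) out.add(name + "=false"); // pin once, drop repeats
            }
        }
        if (addMissing) {
            for (String s : SENSITIVE) if (handled.add(s)) out.add(s + "=false");
        }
        return out.isEmpty() ? base : base + "?" + String.join("&", out);
    }

    public static void main(String[] args) {
        // Constructed sample URLs; db.example is a placeholder host.
        String explicit = "jdbc:mysql://db.example:3306/test?allowLoadLocalInfile=true";
        String omitted = "jdbc:mysql://db.example:3306/test?useSSL=true";
        System.out.println(overrideIfPresent(explicit));
        System.out.println(overrideIfPresent(omitted)); // key absent, nothing is pinned
        System.out.println(forceFalse(omitted));
    }
}
```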
   

