[jira] [Comment Edited] (KYLIN-5494) API for diag has security issues

longfeiJiang (Jira) Thu, 06 Apr 2023 02:55:06 -0700


    [ 
https://issues.apache.org/jira/browse/KYLIN-5494?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17709215#comment-17709215
 ]


longfeiJiang edited comment on KYLIN-5494 at 4/6/23 9:54 AM:
-------------------------------------------------------------

*Dev Design*

Modified following APIs:
/kylin/api/system/diag  get ，delete ，post
/kylin/api/system/diag/query 
/kylin/api/system/diag/status

Encrypt the server with Base64 returned to front-end, 
Base64 decryption of the host value of 5 APIs request


was (Author: JIRAUSER298472):
*Dev Design*

Modified following APIs:
/kylin/api/system/diag  get ，delete ，post
/kylin/api/system/diag/query 
/kylin/api/system/diag/status

Encrypt the server with Base64, Base64 decryption of the host value of 5 APIs

> API for diag has security issues
> --------------------------------
>
>                 Key: KYLIN-5494
>                 URL: https://issues.apache.org/jira/browse/KYLIN-5494
>             Project: Kylin
>          Issue Type: Bug
>            Reporter: longfeiJiang
>            Assignee: longfeiJiang
>            Priority: Major
>
>  API for diag : (/kylin/api/system/diag?host= ip:port) 
> param ip is clear text



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Comment Edited] (KYLIN-5494) API for diag has security issues

Reply via email to