GitHub user dosubot[bot] added a comment to the discussion: [Security Concern] - DB Queries Visible for Embedded Charts
<!-- Greeting --> Hello @Nimishbansal-16! I'm [Dosu](https://dosu.dev), a bot here to help you solve bugs, answer questions, and navigate your way to becoming a contributor. I'm here while you wait for a human maintainer. How can I assist you today? <!-- Answer --> To address your security concern about exposing SQL queries when embedding Superset charts, you can leverage a feature implemented in Apache Superset's 4.1 branch. This feature removes the 'query' field from the `/chart/data` payload for guest users, thus preventing the exposure of internal database queries and table names. This security improvement will be available in the Superset 4.1 release <sup>[[1]](https://github.com/apache/superset/discussions/32765)</sup>. <!-- Dosu Comment Footer --> *To continue talking to [Dosu](https://dosu.dev), mention @dosu.* --- <sup>Help Dosu learn! Give it feedback: [Great Response](https://app.dosu.dev/response-feedback/9ffe2427-1351-4418-a812-edb7d41a8c07?feedback_type=great_response) | [Irrelevant Answer](https://app.dosu.dev/response-feedback/9ffe2427-1351-4418-a812-edb7d41a8c07?feedback_type=irrelevant_answer) | [Incorrect Sources](https://app.dosu.dev/response-feedback/9ffe2427-1351-4418-a812-edb7d41a8c07?feedback_type=incorrect_sources) | [Too Verbose](https://app.dosu.dev/response-feedback/9ffe2427-1351-4418-a812-edb7d41a8c07?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/9ffe2427-1351-4418-a812-edb7d41a8c07?feedback_type=hallucination) | [Bug Report](https://app.dosu.dev/response-feedback/9ffe2427-1351-4418-a812-edb7d41a8c07?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/9ffe2427-1351-4418-a812-edb7d41a8c07?feedback_type=other)</sup> GitHub link: https://github.com/apache/superset/discussions/33460#discussioncomment-13165808 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
