ktmud edited a comment on pull request #12315:
URL: https://github.com/apache/superset/pull/12315#issuecomment-756318188
> I disagree with the concerns raised about security, a compromise of
app.config is a full pwn in any way we slice it.
Maybe I wasn't clear. It is true that a comprised `app.config` is very
serious, but that only means attackers will have access to db credentials and
access to datasources **Superset** can connect to---it doesn't mean attackers
can access **other internal systems** via **any user's credentials** that are
possibly behind an VPN. When you add the ability to write **arbitrary** content
to the HTML page, it opens a whole new flood gate. I'll admit such attack is
rare, but it doesn't seem worth the risk if we do have another feasible path
for the business needs in question.
> I don't think replacing a file before building the frontend will work for
our use case given that we're relying on the render_template_string to populate
a few values in the script (eg, current_user.id).
You can easily add such info to the bootstrap data. In fact, in a full
backend-frontend separated architecture, you would want to add that info to the
bootstrap data.
Finally, even if we want to implement this in Jinja template, we can also
add a blank overridable template file and use Jinja's `include ignore missing`:
```jinja
{%include "footer_extra.html" ignore missing %}
```
This way you also get syntax highlighting for free.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
