-
Notifications
You must be signed in to change notification settings - Fork 14.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement middleware to prevent regexp parameters and payload #47543
base: main
Are you sure you want to change the base?
Conversation
a155abf
to
89b669d
Compare
CI failures seem unrelated. Rebasing |
89b669d
to
721b9f8
Compare
Okay, two tests from k8s are seems related. I will check this out to be sure, but implementation should be ready for review. |
721b9f8
to
dcd9a9f
Compare
dcd9a9f
to
b90ca77
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should be able to disable that middleware - or add exceptions. With middlewares like this, it's often to get unforeseen false positives and we should be able to give the users a chance to bypass the middlewar in such specific cases.
b90ca77
to
527c294
Compare
…dard requests, include model validation, update test case where violate regexp and cannot pass through in connection since nothing can now have regexp like values, exclude some fields to prevent blocker for more likely include regexp like patterns such as password
ef44f26
to
a297425
Compare
I think we should enable it by default. What do you think? |
closes: #47364
^ Add meaningful description above
Read the Pull Request Guidelines for more information.
In case of fundamental code changes, an Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in a newsfragment file, named
{pr_number}.significant.rst
or{issue_number}.significant.rst
, in newsfragments.