Skip to content

Commit

Permalink
Insecure parameters for MySQL DB JDBC connection
Browse files Browse the repository at this point in the history
Three parameters:

- allowLoadLocalInFile
- allowUrlInLocalInfile
- autoDeserialize

were forcefully set to false for any MySQL DB JDBC connection
  • Loading branch information
willyborankin committed Jul 6, 2021
1 parent 4b88de6 commit 5e1b512
Showing 1 changed file with 9 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Collection;
import java.util.Properties;

import org.apache.kafka.connect.data.Date;
import org.apache.kafka.connect.data.Decimal;
Expand Down Expand Up @@ -123,6 +124,14 @@ protected String getSqlType(final SinkRecordField field) {
}
}

@Override
protected Properties addConnectionProperties(final Properties properties) {
properties.put("allowLoadLocalInFile", Boolean.FALSE.toString());
properties.put("allowUrlInLocalInfile", Boolean.FALSE.toString());
properties.put("autoDeserialize", Boolean.FALSE.toString());
return properties;
}

@Override
public String buildUpsertQueryStatement(
final TableId table,
Expand Down

0 comments on commit 5e1b512

Please sign in to comment.