You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Joe Witt (Jira)" <ji...@apache.org> on 2022/10/04 19:38:00 UTC

[jira] [Created] (NIFI-10591) Strip JDBC Strings of values like 'autoDeserialize' which we have no intent to support

Joe Witt created NIFI-10591:
-------------------------------

             Summary: Strip JDBC Strings of values like 'autoDeserialize' which we have no intent to support
                 Key: NIFI-10591
                 URL: https://issues.apache.org/jira/browse/NIFI-10591
             Project: Apache NiFi
          Issue Type: Improvement
            Reporter: Joe Witt


It was reported by a user that JDBC parameters such as 'autoDeserialize' as used by certain databases/drivers (MySQL for example) can be dangerous in some cases.  There are no known cases where we'd want to support such a parameter and thus we should detect and strip it from any URLs (without option).  We can log what URL string we ultimately create after stripping.  Perhaps there are other parameters we'd want to automatically strip out.  Needs review.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)