c1dbca6779
## Description This PR fixes an issue where a potentially malicious user can connect to disallowed hosts from the Elasticsearch plugin within Appsmith. This is because Elasticsearch client SDK is a HTTP interface underneath the hood. ## Type of change - Bug fix (non-breaking change which fixes an issue) ## How Has This Been Tested? - Junits for the following: - create datasource with disallowed host - validate datasource with disallowed host - test datasource with disallowed host ## Checklist: - [x] My code follows the style guidelines of this project - [x] I have performed a self-review of my own code - [x] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [x] My changes generate no new warnings - [x] I have added tests that prove my fix is effective or that my feature works - [x] New and existing unit tests pass locally with my changes |
||
|---|---|---|
| .. | ||
| .run | ||
| appsmith-git | ||
| appsmith-interfaces | ||
| appsmith-plugins | ||
| appsmith-server | ||
| envs | ||
| mongo-seed | ||
| reactive-caching | ||
| scripts | ||
| .gitignore | ||
| build.sh | ||
| buildpack-run.sh | ||
| docker-compose.yml | ||
| Dockerfile | ||
| entrypoint.sh | ||
| pom.xml | ||
| Procfile | ||
| README.md | ||
| system.properties | ||
Appsmith Server
This is the server-side repository for the Appsmith framework.
For details on setting up your development machine, please refer to the Setup Guide