c1dbca6779
## Description This PR fixes an issue where a potentially malicious user can connect to disallowed hosts from the Elasticsearch plugin within Appsmith. This is because Elasticsearch client SDK is a HTTP interface underneath the hood. ## Type of change - Bug fix (non-breaking change which fixes an issue) ## How Has This Been Tested? - Junits for the following: - create datasource with disallowed host - validate datasource with disallowed host - test datasource with disallowed host ## Checklist: - [x] My code follows the style guidelines of this project - [x] I have performed a self-review of my own code - [x] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [x] My changes generate no new warnings - [x] I have added tests that prove my fix is effective or that my feature works - [x] New and existing unit tests pass locally with my changes |
||
|---|---|---|
| .. | ||
| src | ||
| plugin.properties | ||
| pom.xml | ||