diff --git a/inlong-manager/manager-pojo/src/main/java/org/apache/inlong/manager/pojo/sink/mysql/MySQLSinkDTO.java b/inlong-manager/manager-pojo/src/main/java/org/apache/inlong/manager/pojo/sink/mysql/MySQLSinkDTO.java
index 07045680931..e2f2062129f 100644
--- a/inlong-manager/manager-pojo/src/main/java/org/apache/inlong/manager/pojo/sink/mysql/MySQLSinkDTO.java
+++ b/inlong-manager/manager-pojo/src/main/java/org/apache/inlong/manager/pojo/sink/mysql/MySQLSinkDTO.java
@@ -45,13 +45,11 @@
 @AllArgsConstructor
 public class MySQLSinkDTO {
- @VisibleForTesting
- protected static final char SYMBOL = '&';
 /**
 * The sensitive param may lead the attack.
 */
- @VisibleForTesting
- protected static final String SENSITIVE_PARAM = "autoDeserialize=true";
+ private static final String SENSITIVE_PARAM_TRUE = "autoDeserialize=true";
+ private static final String SENSITIVE_PARAM_FALSE = "autoDeserialize=false";
 private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
 private static final Logger LOGGER = LoggerFactory.getLogger(MySQLSinkDTO.class);
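Review bot: The Javadoc `The sensitive param may lead the attack.` now sits above two constants and says neither what the risk is nor which constant is the replacement value. Suggested wording for it: `/** JDBC parameter that lets the MySQL driver deserialize objects read from the database; filterSensitive rewrites it to the disabled form. */`, plus a one-line comment on `SENSITIVE_PARAM_FALSE` such as `// value written in place of SENSITIVE_PARAM_TRUE`. The description of the driver behaviour is from my reading of the Connector/J option and should be confirmed against the driver version in use. The class body continues outside the hunk.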
@@ -181,23 +179,17 @@ private static String getDbNameFromUrl(String jdbcUrl) {
 */
 @VisibleForTesting
 protected static String filterSensitive(String url) {
- if (StringUtils.isBlank(url) || !url.contains(SENSITIVE_PARAM)) {
- LOGGER.info("string was empty or not contains sensitive for [{}]", url);
+ if (StringUtils.isBlank(url)) {
 return url;
 }
- String originUrl = url;
- int index = url.indexOf(SENSITIVE_PARAM);
- String tmp = SENSITIVE_PARAM;
- if (index == 0) {
- tmp = tmp + SYMBOL;
- } else if (url.charAt(index - 1) == SYMBOL) {
- tmp = SYMBOL + tmp;
+ String resultUrl = url;
+ if (StringUtils.containsIgnoreCase(url, SENSITIVE_PARAM_TRUE)) {
+ resultUrl = StringUtils.replaceIgnoreCase(url, SENSITIVE_PARAM_TRUE, SENSITIVE_PARAM_FALSE);
 }
- url = url.replace(tmp, "");
- LOGGER.debug("the origin url [{}] was filter to: [{}]", originUrl, url);
- return url;
+ LOGGER.debug("the origin url [{}] was replaced to: [{}]", url, resultUrl);
+ return resultUrl;
 }
 }
diff --git a/inlong-manager/manager-pojo/src/test/java/org/apache/inlong/manager/pojo/sink/mysql/MySQLSinkDTOTest.java b/inlong-manager/manager-pojo/src/test/java/org/apache/inlong/manager/pojo/sink/mysql/MySQLSinkDTOTest.java
index fabd6842dc4..82d6129b4c6 100644
--- a/inlong-manager/manager-pojo/src/test/java/org/apache/inlong/manager/pojo/sink/mysql/MySQLSinkDTOTest.java
+++ b/inlong-manager/manager-pojo/src/test/java/org/apache/inlong/manager/pojo/sink/mysql/MySQLSinkDTOTest.java
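Review bot: The new check in `filterSensitive` still matches one literal string, `autoDeserialize=true`, so the protection holds only when the parameter reaches this method in exactly that form; an encoded key, or any other value spelling the driver may treat as enabled (not confirmed from this page), would pass through unchanged. Matching on the parameter name and overwriting whatever value it carries with `SENSITIVE_PARAM_FALSE` removes the dependence on the value's spelling, as sketched below, and if callers can hand in percent-encoded URLs the URL should be decoded before this check. The sketch returns the same strings the updated tests expect. The Javadoc for this method starts outside the hunk and presumably still describes the parameter as filtered out rather than rewritten. Separately, the debug line now runs for every non-blank URL and writes the full URL, which can carry credentials as parameters.

```java
protected static String filterSensitive(String url) {
    // … unchanged: blank check returns url …
    // Rewrite by parameter name so the value is forced to false however it is spelled.
    int queryStart = url.indexOf('?') + 1; // 0 when the input is a bare parameter string
    String[] params = url.substring(queryStart).split("&", -1);
    for (int i = 0; i < params.length; i++) {
        int eq = params[i].indexOf('=');
        String key = eq < 0 ? params[i] : params[i].substring(0, eq);
        if ("autoDeserialize".equalsIgnoreCase(key.trim())) {
            params[i] = SENSITIVE_PARAM_FALSE;
        }
    }
    String resultUrl = url.substring(0, queryStart) + String.join("&", params);
    // … unchanged: debug log and return resultUrl …
}
```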
@@ -20,28 +20,25 @@
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
-import static org.apache.inlong.manager.pojo.sink.mysql.MySQLSinkDTO.SENSITIVE_PARAM;
-import static org.apache.inlong.manager.pojo.sink.mysql.MySQLSinkDTO.SYMBOL;
-
 /**
 * Test for {@link MySQLSinkDTO}
 */
 public class MySQLSinkDTOTest {
 @Test
- public void testFilterOther() {
+ public void testFilterSensitive() {
 // the sensitive params at the first
- String originUrl = MySQLSinkDTO.filterSensitive(SENSITIVE_PARAM + SYMBOL + "autoReconnect=true");
- Assertions.assertEquals("autoReconnect=true", originUrl);
+ String originUrl = MySQLSinkDTO.filterSensitive("autoDeserialize=TRue&autoReconnect=true");
+ Assertions.assertEquals("autoDeserialize=false&autoReconnect=true", originUrl);
 // the sensitive params at the end
- originUrl = MySQLSinkDTO.filterSensitive("autoReconnect=true" + SYMBOL + SENSITIVE_PARAM);
- Assertions.assertEquals("autoReconnect=true", originUrl);
+ originUrl = MySQLSinkDTO.filterSensitive("autoReconnect=true&autoDeserialize=trUE");
+ Assertions.assertEquals("autoReconnect=true&autoDeserialize=false", originUrl);
 // the sensitive params in the middle
 originUrl = MySQLSinkDTO.filterSensitive(
- "useSSL=false" + SYMBOL + SENSITIVE_PARAM + SYMBOL + "autoReconnect=true");
- Assertions.assertEquals("useSSL=false" + SYMBOL + "autoReconnect=true", originUrl);
+ "useSSL=false&autoDeserialize=TRUE&autoReconnect=true");
+ Assertions.assertEquals("useSSL=false&autoDeserialize=false&autoReconnect=true", originUrl);
 }
 }
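Review bot: The rewritten `testFilterSensitive` covers only mixed-case `true` values, so nothing pins the inputs that must come back unchanged (no `autoDeserialize` parameter, a value that is already `false`, blank or null input) or a full JDBC URL where the parameters follow a `?`. Adding `Assertions.assertEquals("autoReconnect=true", MySQLSinkDTO.filterSensitive("autoReconnect=true"));` and `Assertions.assertNull(MySQLSinkDTO.filterSensitive(null));` would cover the pass-through paths, the second assuming `StringUtils.isBlank` accepts null. The local `originUrl` now holds the rewritten URL, so a name such as `filteredUrl` would match what the assertions check.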