fix security risk of SQL injection (#1121)

commit: 4e68894a1c54d763ac2697ea1ac993793da4107c [log] [tgz]
author: Xun Liu <liuxun@apache.org> Wed Mar 27 08:06:12 2024 +0800
committer: GitHub <noreply@github.com> Wed Mar 27 08:06:12 2024 +0800
tree: aaa7971847081e682cb31eebeb8026afe934c7d1
parent: 246ecee0706cad8cfa6a66006a7005c67ae235da [diff]
diff --git a/submarine-server/server-core/src/main/java/org/apache/submarine/server/SubmarineServer.java b/submarine-server/server-core/src/main/java/org/apache/submarine/server/SubmarineServer.java
index 5a3f9b8..c794646 100644
--- a/submarine-server/server-core/src/main/java/org/apache/submarine/server/SubmarineServer.java
+++ b/submarine-server/server-core/src/main/java/org/apache/submarine/server/SubmarineServer.java

@@ -123,13 +123,17 @@
           }
         });
 
-    setupRestApiContextHandler(webApp, conf);
+    // There is a security risk of SQL injection here,
+    // note that the RESTful interface cannot be provided until this is resolved
+    // setupRestApiContextHandler(webApp, conf);
 
     // Cookie config
     setCookieConfig(webApp);
 
+    // There is a security risk of SQL injection here,
+    // note that the RESTful interface cannot be provided until this is resolved
     // Notebook server
-    setupNotebookServer(webApp, conf, sharedServiceLocator);
+    // setupNotebookServer(webApp, conf, sharedServiceLocator);
 
     // Cluster Server
     // Cluster Server is useless for submarine now. Shield it to improve performance.
commit	4e68894a1c54d763ac2697ea1ac993793da4107c	[log] [tgz]
author	Xun Liu <liuxun@apache.org>	Wed Mar 27 08:06:12 2024 +0800
committer	GitHub <noreply@github.com>	Wed Mar 27 08:06:12 2024 +0800
tree	aaa7971847081e682cb31eebeb8026afe934c7d1
parent	246ecee0706cad8cfa6a66006a7005c67ae235da [diff]