fix security risk of SQL injection (#1121)
diff --git a/submarine-server/server-core/src/main/java/org/apache/submarine/server/SubmarineServer.java b/submarine-server/server-core/src/main/java/org/apache/submarine/server/SubmarineServer.java
index 5a3f9b8..c794646 100644
--- a/submarine-server/server-core/src/main/java/org/apache/submarine/server/SubmarineServer.java
+++ b/submarine-server/server-core/src/main/java/org/apache/submarine/server/SubmarineServer.java
@@ -123,13 +123,17 @@
}
});
- setupRestApiContextHandler(webApp, conf);
+ // There is a security risk of SQL injection here,
+ // note that the RESTful interface cannot be provided until this is resolved
+ // setupRestApiContextHandler(webApp, conf);
// Cookie config
setCookieConfig(webApp);
+ // There is a security risk of SQL injection here,
+ // note that the RESTful interface cannot be provided until this is resolved
// Notebook server
- setupNotebookServer(webApp, conf, sharedServiceLocator);
+ // setupNotebookServer(webApp, conf, sharedServiceLocator);
// Cluster Server
// Cluster Server is useless for submarine now. Shield it to improve performance.