IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

API: Do not expose user input in datasource error responses (#52992)

Browse Source
This commit is contained in:
Sofia Papagiannaki 2022-07-29 15:46:51 +03:00 committed by GitHub
parent ba76f9b580
commit 87004cc22d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/api/datasources.go
View File

@ -318,7 +318,8 @@ func (hs *HTTPServer) DeleteDataSourceByName(c *models.ReqContext) response.Resp
func validateURL(cmdType string, url string) response.Response {
if _, err := datasource.ValidateURL(cmdType, url); err != nil {
return response.Error(400, fmt.Sprintf("Validation error, invalid URL: %q", url), err)
datasourcesLogger.Error("Failed to validate URL", "url", url)
return response.Error(http.StatusBadRequest, "Validation error, invalid URL", err)
}
return nil