Hi Alex, thanks for working on this and identifying the need to address this issue.
I see under Rejected Alternatives that the option to disable this feature has been considered already. However, I'd like to return a bit to this option and highlight the following: * Exposing this request was not intended in the first place and can be considered a bug at this point. * Even more, having as default the option that leaves a potential security vulnerability open is more problematic than the possibility of deprecating a feature like this. Taking into account that this a minor feature and that the implications of breaking compatibility here are pretty small - if any -, I think keeping the vulnerable option as default is worse than breaking compatibility here. * For issues like this one here, I think we need to consider the importance of keeping the set of configuration options concise and essential. Based on the above, I'd like to suggest to consider changing KIP-404 to propose the complete removal of this feature. Konstantine On Fri, Dec 14, 2018 at 3:06 PM Oleksandr Diachenko < alex.diache...@confluent.io> wrote: > Thanks, everyone for taking the time to review the KIP. > > It looks like there are no major objections on it, so I will start voting > thread. > > Regards, Alex. > > > > On Thu, Dec 13, 2018 at 3:50 PM Randall Hauch <rha...@gmail.com> wrote: > > > Thanks, Alex. The KIP looks good to me. > > > > Randall > > > > On Wed, Dec 12, 2018 at 10:08 PM Guozhang Wang <wangg...@gmail.com> > wrote: > > > > > Alex, > > > > > > Thanks for putting up this KIP. The proposal lgtm. > > > > > > Guozhang > > > > > > On Wed, Dec 12, 2018 at 7:41 PM Oleksandr Diachenko < > > odiache...@apache.org > > > > > > > wrote: > > > > > > > Hi all, > > > > > > > > I would like to start a discussing for the following KIP: > > > > > > > > > > > > > > https://cwiki.apache.org/confluence/display/KAFKA/KIP-404%3A+Add+Kafka+Connect+configuration+parameter+for+disabling+WADL+output+on+OPTIONS+request > > > > . > > > > > > > > The KIP proposes to add a configuration parameter for Connect Worker, > > > which > > > > would allow to not expose WADL information in Connect REST api > > responces. > > > > > > > > Feedback is appreciated, thanks in advance. > > > > > > > > Regards, Alex. > > > > > > > > > > > > > -- > > > -- Guozhang > > > > > >
