mistercrunch commented on PR #30134: URL: https://github.com/apache/superset/pull/30134#issuecomment-2741230081
> "rule out the security issue raised by CodeQL" Wondering if it'd make sense to generalize a `urlFor(url, sanitize=True)` (renaming the method to match the backend (?)) which would sanitize by default. Could expose other functionality like receiving an object of `params` and be able to url-encode to rison VS standard-querystring - not sure if it's in-scope for this PR or not... > "figure out how to jam this in the existing test matrixes" Someone can help with this, thinking we'll need the ability to set a `superset_config.py` in CI, maybe simply hooking up env vars. Say if `superset/config.py` reads from `SUPERSET__URL_PREFIX` (or similar), we can probably easily dynamically parameterize this in the matrix. I think we have an example somewhere of JSON-combination of matrix parameter that aren't a full cartesian product. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
