vogievetsky commented on PR #18310: URL: https://github.com/apache/druid/pull/18310#issuecomment-3109078683
This vuln is a not relevant to the console (except showing up in scanners). Yes Axios depends on form-data but all the requests we make use JSON so we never actually use form-data. The fix here is fine. The use of Math.random to generate tab ids is also fine since that is not part of any security path (the tab IDs might as well be sequential for all we care) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
