membphis commented on PR #12187: URL: https://github.com/apache/apisix/pull/12187#issuecomment-3142919026
This new feature is not safe, we can wait for more voice from the community. For me, `one upstream` work for `one service`, much safer. Here is a bad example: ``` # bad example, which may cause APISIX unsafe, allow user to access any service of K8s or eureka $ curl http://127.0.0.1:9180/apisix/admin/routes/1 -H "X-API-KEY: $admin_key" -X PUT -i -d ' { "uri": "/*", "upstream": { "service_name": "${http_service}", "discovery_type": "eureka" } }' ``` I sugguest: need to wait for more voice from community, don't merge this PR soon -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
