File tree Expand file tree Collapse file tree 1 file changed +16
-0
lines changed Expand file tree Collapse file tree 1 file changed +16
-0
lines changed Original file line number Diff line number Diff line change @@ -104,6 +104,22 @@ func ProxyDataSourceRequest(c *middleware.Context) {
104104 }
105105
106106 proxyPath := c .Params ("*" )
107+
108+ if ds .Type == m .DS_ES {
109+ if c .Req .Request .Method == "DELETE" {
110+ c .JsonApiErr (403 , "Deletes not allowed on proxied Elasticsearch datasource" , nil )
111+ return
112+ }
113+ if c .Req .Request .Method == "PUT" {
114+ c .JsonApiErr (403 , "Puts not allowed on proxied Elasticsearch datasource" , nil )
115+ return
116+ }
117+ if c .Req .Request .Method == "POST" && proxyPath != "_msearch" {
118+ c .JsonApiErr (403 , "Posts not allowed on proxied Elasticsearch datasource except on /_msearch" , nil )
119+ return
120+ }
121+ }
122+
107123 proxy := NewReverseProxy (ds , proxyPath , targetUrl )
108124 proxy .Transport = dataProxyTransport
109125 proxy .ServeHTTP (c .Resp , c .Req .Request )
You can’t perform that action at this time.
0 commit comments