Summary
When configuring the
debezium heartbeat query
for a Postgres source using CDC, queries that update or insert values to the table immediately fail with a 403 error. It seems like there may be an issue with SQL injection detection, even though queries that do not alter rows are accepted. The table has correct permissions set up, but the query is being flagged for potential SQL injection.
Question
has anyone tried to configure the debezium heartbeat query
for a Postgres source using CDC? when we’ve tried using any query that updates or inserts values to the table seems to immediately fail with a 403 error. This seems like it’s trying to block sql injection, but on a field that requires sql (we can put in something that doesn’t update or alter rows like update x
and it’s accepted). We have the table set up with correct permissions, the only explanation i have is that the query is being flagged for sql injection
This topic has been created from a Slack thread to give it more visibility.
It will be on Read-Only mode here. Click here if you want to access the original thread.