-
Feature
-
Resolution: Won't Do
-
Major
-
None
-
0
-
0%
-
Todo
(Migrated from https://github.com/syndesisio/syndesis/issues/4102)
Author: Zoran Regvart
Assignees: unassigned
This is a...
[pre][code]
[x] Feature request
[ ] Regression (a behavior that used to work and stopped working in a new release)
[ ] Bug report [!-- Please search GitHub for a similar issue or PR before submitting --]
[ ] Documentation issue or request
[/code][/pre]
Description
We should make Camel message headers part of the connector contract, right now we have only definitions of endpoint/component parameters. Most Camel components are influenced by Camel message headers and potentially we could leak sensitive information if we pass Camel message headers bound via incoming payload by the consumer to an outgoing message payload via producer binding.
We need to:
1. add a white list of Camel message headers that are passed from the one connector to the following connector
2. filter out all but white listed Camel message headers before invoking the following connector
3. restore message headers after invoking the following connector (I think this is needed to restore activity tracking)
I guess we don't need to do this for step connectors?
cc @syndesisio/backend
See #3865 #1915