From 252024431aa61c538c73ece21fa04ef99e4ed17b Mon Sep 17 00:00:00 2001
From: Bryan Maass <bryan.maass@gmail.com>
Date: Tue, 13 Sep 2022 11:45:07 -0600
Subject: [PATCH] H2 disallow `INIT=...` option using connection string
 (#25369)

* trim the init option in h2 connection string

- it can be lower or mixed-case, so `(dissoc-by str/lower-case ...)`
  will lowercase the map's keys and the dissoc-keys, and dissoc them when
  they are equal.

* refactor
---
 src/metabase/driver/h2.clj | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/metabase/driver/h2.clj b/src/metabase/driver/h2.clj
index 68822edeee7..6f7984ed934 100644
--- a/src/metabase/driver/h2.clj
+++ b/src/metabase/driver/h2.clj
@@ -366,8 +366,14 @@
   [connection-string]
   {:pre [(string? connection-string)]}
   (let [[file options] (connection-string->file+options connection-string)]
-    (file+options->connection-string file (merge options {"IFEXISTS"         "TRUE"
-                                                          "ACCESS_MODE_DATA" "r"}))))
+    (file+options->connection-string file (merge
+                                           (->> options
+                                                ;; Remove INIT=... from options for security reasons (Metaboat #165)
+                                                ;; http://h2database.com/html/features.html#execute_sql_on_connection
+                                                (remove (fn [[k _]] (= (str/lower-case k) "init")))
+                                                (into {}))
+                                           {"IFEXISTS"         "TRUE"
+                                            "ACCESS_MODE_DATA" "r"}))))
 
 (defmethod sql-jdbc.conn/connection-details->spec :h2
   [_ details]
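Review bot: The case-insensitive handling covers `INIT` only, while the forced `IFEXISTS` and `ACCESS_MODE_DATA` entries are merged by exact key, so a connection string that carries those options in lower or mixed case keeps its own entry beside the forced one instead of being overridden; how H2 resolves the two entries is not shown here. The predicate also relies on `str/lower-case`, which follows the JVM default locale, so the comparison with `"init"` can miss on a locale with different casing rules for `I` (Turkish, for example). I would normalise each key once with `Locale/ROOT` and drop all three controlled options before merging, as sketched below. Whether `connection-string->file+options` trims whitespace around keys is outside this hunk and worth confirming, as is the head of the enclosing function.

```clojure
(let [[file options] (connection-string->file+options connection-string)
      ;; options this function sets itself; caller-supplied copies are dropped in any letter case
      forced   {"IFEXISTS"         "TRUE"
                "ACCESS_MODE_DATA" "r"}
      blocked  (conj (set (keys forced)) "INIT")
      ;; Locale/ROOT keeps the comparison independent of the server's default locale
      blocked? (fn [[k _]]
                 (contains? blocked (.toUpperCase (str k) java.util.Locale/ROOT)))]
  ;; … unchanged: the existing INIT comment and H2 documentation link …
  (file+options->connection-string file (merge (into {} (remove blocked?) options) forced)))
```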
-- 
GitLab