Merge remote-tracking branch 'origin/release-5.4' into release-5.5

zmstone · zmstone · commit b7ba1f846825 · 2025-03-23T11:25:15.000+01:00
diff --git a/en_US/access-control/authn/authn.md b/en_US/access-control/authn/authn.md
@@ -160,6 +160,8 @@ password_hash_algorithm {
 
 EMQX supports using placeholders in the query statements and HTTP requests. During the authentication step, these placeholders will be replaced with actual client information to construct a query or HTTP request that matches the current client.
 
+A valid placeholder follows the format `${PATH.TO.VALUE}`, where PATH.TO.VALUE is a dot-notated path to a value in an object. Valid characters include letters, digits, dots (`.`), and underscores (`_`). Placeholders containing unsupported characters will be treated as plain text. 
+
 For example, in EMQX MySQL authenticator, The default query SQL uses the placeholder `${username}`: 
 
 ```
diff --git a/en_US/access-control/authz/authz.md b/en_US/access-control/authz/authz.md
@@ -71,6 +71,8 @@ If set properly, caching can greatly improve performance. So, it is recommended
 
 EMQX authorizers allow using placeholders in their configuration. During the authorization step, these placeholders are replaced with actual client information to construct a query or HTTP request that matches the current client.
 
+A valid placeholder follows the format `${PATH.TO.VALUE}`, where PATH.TO.VALUE is a dot-notated path to a value in an object. Valid characters include letters, digits, dots (`.`), and underscores (`_`). Placeholders containing unsupported characters will be treated as plain text. 
+
 #### Placeholders in Data Queries
 
 Placeholders are used to construct query statement. For example, in one EMQX MySQL authorizer, the default query SQL uses the placeholder `${username}`:
diff --git a/zh_CN/access-control/authn/authn.md b/zh_CN/access-control/authn/authn.md
@@ -144,6 +144,9 @@ password_hash_algorithm {
 
 EMQX 允许使用占位符动态构造认证数据查询语句、HTTP 请求，占位符会在认证器执行时替换为真实的客户端信息，以构造出与当前客户端匹配的查询语句或 HTTP 请求。
 
+一个有效的占位符格式为 ${PATH.TO.VALUE}，其中 PATH.TO.VALUE 是对象中值的点符号路径。允许的字符包括字母、数字、点（`.`）和下划线（`_`）。
+如果占位符中包含不支持的字符，将被视为普通文本处理。
+
 以 MySQL 认证器为例，默认的查询 SQL 中使用了 `${username}` 占位符：
 
 ```sql
diff --git a/zh_CN/access-control/authz/authz.md b/zh_CN/access-control/authz/authz.md
@@ -71,6 +71,9 @@ EMQX 支持对授权数据进行缓存，以便缓解由于大量客户端的订
 
 EMQX 允许使用占位符动态构造授权数据查询语句、HTTP 请求，占位符会在授权检查器执行时替换为真实的客户端信息，以构造出与当前客户端匹配的查询语句或 HTTP 请求。
 
+一个有效的占位符格式为 ${PATH.TO.VALUE}，其中 PATH.TO.VALUE 是对象中值的点符号路径。允许的字符包括字母、数字、点（`.`）和下划线（`_`）。
+如果占位符中包含不支持的字符，将被视为普通文本处理。
+
 #### 数据查询占位符
 
 用于在查询权限数据时构造数据查询语句。以 MySQL 授权检查器为例，默认的查询 SQL 中使用了 `${username}` 占位符：
