hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-13008) Add XFS Filter for UIs to Hadoop Common
Date Wed, 11 May 2016 18:54:13 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-13008?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15280622#comment-15280622
] 

Hudson commented on HADOOP-13008:
---------------------------------

FAILURE: Integrated in Hadoop-trunk-Commit #9746 (See [https://builds.apache.org/job/Hadoop-trunk-Commit/9746/])
HADOOP-13008. Add XFS Filter for UIs to Hadoop Common. Contributed by (cnauroth: rev dee279b532e7286362518b531c9daea9ae8606f4)
* hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/http/TestXFrameOptionsFilter.java
* hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/XFrameOptionsFilter.java
* hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/conf/Configuration.java
* hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/package-info.java
* hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/http/TestRestCsrfPreventionFilter.java
* hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/RestCsrfPreventionFilter.java


> Add XFS Filter for UIs to Hadoop Common
> ---------------------------------------
>
>                 Key: HADOOP-13008
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13008
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: security
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>             Fix For: 2.8.0
>
>         Attachments: HADOOP-13008-001.patch, HADOOP-13008-002.patch, HADOOP-13008-003.patch,
HADOOP-13008-004.patch
>
>
> Cross Frame Scripting (XFS) prevention for UIs can be provided through a common servlet
filter. This filter will set the X-Frame-Options HTTP header to DENY unless configured to
another valid setting.
> There are a number of UIs that could just add this to their filters as well as the Yarn
webapp proxy which could add it for all it's proxied UIs - if appropriate.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message