accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Christopher Tubbs (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-4677) Sanitize @PathParam and @QueryParam parameters in new REST-based monitor
Date Fri, 07 Jul 2017 15:57:00 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-4677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16078288#comment-16078288
] 

Christopher Tubbs commented on ACCUMULO-4677:
---------------------------------------------

Good point. I'll see if I can make time to work on this. If I do, I'll mark it as "In Progress".
Until then, anybody should feel free to take this. A simple thing might be to adapt the previous
method in ACCUMULO-4660 as a global (monitor-wide) util, and apply it everywhere we use a
param.

> Sanitize @PathParam and @QueryParam parameters in new REST-based monitor
> ------------------------------------------------------------------------
>
>                 Key: ACCUMULO-4677
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-4677
>             Project: Accumulo
>          Issue Type: Bug
>          Components: monitor
>            Reporter: Christopher Tubbs
>            Priority: Blocker
>             Fix For: 2.0.0
>
>
> Following on the issue identified in ACCUMULO-4660, I verified that parameters to the
REST-based monitor (ACCUMULO-3005) resources need sanitization as well.
> All {{@PathParam}} and {{@QueryParam}} annotated fields should be sanitized.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message