ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Myroslav Papirkovskyy (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (AMBARI-4338) Proper error message required for CSRF protection error
Date Tue, 08 Jul 2014 15:50:06 GMT

     [ https://issues.apache.org/jira/browse/AMBARI-4338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Myroslav Papirkovskyy reassigned AMBARI-4338:
---------------------------------------------

    Assignee: Myroslav Papirkovskyy

> Proper error message required for CSRF protection error
> -------------------------------------------------------
>
>                 Key: AMBARI-4338
>                 URL: https://issues.apache.org/jira/browse/AMBARI-4338
>             Project: Ambari
>          Issue Type: Task
>    Affects Versions: 1.4.2
>            Reporter: Yusaku Sako
>            Assignee: Myroslav Papirkovskyy
>             Fix For: 1.7.0
>
>
> Ambari Server requires non-GET calls to be made with the "X-Requested-By" HTTP header.
> When a request made without the header (and CSRF option is turned on, which is the default),
it fails with error code 400 without any useful message.
> The error message should clearly indicate that CSRF is turned on and that X-Requested-By
HTTP header is required.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message