ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Levas" <rle...@hortonworks.com>
Subject Re: Review Request 38893: Backport from 2.1.0 - Set HttpOnly and Secure flags for Ambari session cookies
Date Wed, 30 Sep 2015 13:14:25 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/38893/
-----------------------------------------------------------

(Updated Sept. 30, 2015, 9:14 a.m.)


Review request for Ambari, Jonathan Hurley, Myroslav Papirkovskyy, and Vitalyi Brodetskyi.


Bugs: AMBARI-13272
    https://issues.apache.org/jira/browse/AMBARI-13272


Repository: ambari


Description
-------

1) https://www.owasp.org/index.php/HttpOnly

2) https://www.owasp.org/index.php/SecureFlag

This is a backport of the patch that resolved https://issues.apache.org/jira/browse/AMBARI-11129.


Diffs
-----

  ambari-project/pom.xml ddbfdb7 
  ambari-server/pom.xml 05fbd7c 
  ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java 4207007

  ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java 24dc23d

  ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariSessionManager.java
721d95b 
  ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java 8061c43

  ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariHandlerListTest.java
afad6ce 
  ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariServerTest.java 484f398

  ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariSessionManagerTest.java
058baa1 

Diff: https://reviews.apache.org/r/38893/diff/


Testing
-------

Manually tested 
Units tests pass, but there may be a race condition (not related to this patch) causing a
test in `org.apache.ambari.server.state.cluster.ClusterTest` to fail.
```
  testRecalculateAllClusterVersionStates(org.apache.ambari.server.state.cluster.ClusterTest):
expected:<INSTALLING> but was:<OUT_OF_SYNC>
```


Thanks,

Robert Levas


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message