ambari-dev mailing list archives

From "Robert Levas" <rle...@hortonworks.com>
Subject Re: Review Request 39251: Security-related HTTP headers should be set separately for Ambari Views than for the Ambari server UI
Date Tue, 13 Oct 2015 19:54:33 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/39251/
-----------------------------------------------------------

(Updated Oct. 13, 2015, 3:54 p.m.)


Review request for Ambari, Jonathan Hurley, Myroslav Papirkovskyy, Sumit Mohanty, and Sid Wagle.


Bugs: ABMARI-13351
    https://issues.apache.org/jira/browse/ABMARI-13351


Repository: ambari


Description
-------

The security-related HTTP headers should be set separately for Ambari Views than for the
Ambari server UI, because they have different requirements. For example, the Ambari
server UI should not be allowed to execute in an iframe (by default), whereas an Ambari View must
be able to execute in an iframe invoked from the same origin.

The relevant headers are:
- Strict-Transport-Security
- X-Frame-Options
- X-XSS-Protection

These headers should be configurable via ambari.properties so that they may be turned
on or off, or set to a custom value.

The default values for these headers should be as follows:
- Strict-Transport-Security: max-age=31536000
- X-Frame-Options: SAMEORIGIN
- X-XSS-Protection: 1; mode=block

Strict-Transport-Security should only be turned on if SSL is enabled.

The relevant Ambari properties should be:
- Strict-Transport-Security: views.http.strict-transport-security
- X-Frame-Options: views.http.x-frame-options
- X-XSS-Protection: views.http.x-xss-protection

Setting any of these to an empty value turns the header off (i.e., it is not set).

For example:
```
# Sets Strict-Transport-Security to a custom value
views.http.strict-transport-security=max-age=31536000; includeSubDomains

# Turns Strict-Transport-Security off
views.http.strict-transport-security=
```


Diffs (updated)
-----

  ambari-server/conf/unix/ambari.properties 68cbf65 
  ambari-server/conf/windows/ambari.properties 6a98a63 
  ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java c653e1b 
  ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java 1265b6a 
  ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java 5974494 
  ambari-server/src/main/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilter.java PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilter.java PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilter.java PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHeaderFilter.java a7479af 
  ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariHandlerListTest.java a0cb8d0 
  ambari-server/src/test/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilterTest.java PRE-CREATION 
  ambari-server/src/test/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilterTest.java PRE-CREATION 
  ambari-server/src/test/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilterTest.java PRE-CREATION 
  ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHeaderFilterTest.java 5e8d2af 

Diff: https://reviews.apache.org/r/39251/diff/


Testing
-------

Manually tested

# Local test results: PASSED

# Jenkins test result: 

[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:37 h
[INFO] Finished at: 2015-10-13T15:58:17+00:00
[INFO] Final Memory: 47M/561M
[INFO] ------------------------------------------------------------------------


Thanks,

Robert Levas
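The property semantics described in the review request above (absent property means default, empty property means header off, Strict-Transport-Security only when SSL is enabled, views and server UI resolved independently), as an added example that is not part of the review or of Ambari's code. Only the `views.http.*` property names and the three default values come from the page; the `http.` prefix used here for the server UI, the `.properties` parser, the `audit()` helper and the sample properties fragment are assumptions made for this example.

```python
"""Model of how per-context security headers resolve from ambari.properties.

Added example for this review thread, not Ambari code. Only the views.http.*
property names and the three defaults are taken from the review description;
the "http." prefix for the server UI, the parser and audit() are assumptions.
"""
from __future__ import annotations

# Header name -> default value, as listed in the review description.
DEFAULTS = {
    "Strict-Transport-Security": "max-age=31536000",
    "X-Frame-Options": "SAMEORIGIN",
    "X-XSS-Protection": "1; mode=block",
}

# Constructed sample fragment (not taken from the page) covering every case:
# custom value, explicit empty value (header off) and absent key (default).
SAMPLE_PROPERTIES = """\
# views: custom HSTS, XSS filter switched off, X-Frame-Options left at default
views.http.strict-transport-security=max-age=31536000; includeSubDomains
views.http.x-xss-protection=
# server UI (prefix assumed for this example): never allow framing at all
http.x-frame-options=DENY
"""


def parse_properties(text: str) -> dict[str, str]:
    """Minimal Java .properties reader: blank lines and '#'/'!' comments are
    skipped, the key ends at the first '=' or ':' so values may themselves
    contain '=' (e.g. max-age=31536000), and an empty value is preserved."""
    props: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        for i, ch in enumerate(line):
            if ch in "=:":
                props[line[:i].strip()] = line[i + 1:].strip()
                break
        else:  # key with no separator: Java treats this as an empty value
            props[line] = ""
    return props


def resolve_headers(props: dict[str, str], prefix: str, ssl_enabled: bool) -> dict[str, str]:
    """Headers to emit for one context (prefix 'views.http.' or 'http.').

    Absent property -> default value
    Empty property  -> header not set at all (switched off)
    HSTS            -> only emitted when SSL is enabled
    """
    headers: dict[str, str] = {}
    for name, default in DEFAULTS.items():
        value = props.get(prefix + name.lower(), default)
        if not value:
            continue
        if name == "Strict-Transport-Security" and not ssl_enabled:
            continue
        headers[name] = value
    return headers


def audit(headers: dict[str, str], ssl_enabled: bool) -> list[str]:
    """Checks a set of response headers against the policy above and returns
    human-readable findings (an empty list means compliant)."""
    findings: list[str] = []
    for name in DEFAULTS:
        if name == "Strict-Transport-Security" and not ssl_enabled:
            continue  # HSTS is not expected on a plain-HTTP deployment
        if name not in headers:
            findings.append(f"missing {name}")
    if "Strict-Transport-Security" in headers and not ssl_enabled:
        findings.append("Strict-Transport-Security sent over plain HTTP; browsers ignore it")
    xfo = headers.get("X-Frame-Options")
    if xfo is not None and xfo.upper() not in ("DENY", "SAMEORIGIN"):
        findings.append(f"X-Frame-Options={xfo!r} is not DENY or SAMEORIGIN")
    return findings


if __name__ == "__main__":
    props = parse_properties(SAMPLE_PROPERTIES)
    for prefix, ssl in (("views.http.", True), ("http.", False)):
        hdrs = resolve_headers(props, prefix, ssl)
        print(prefix, hdrs, audit(hdrs, ssl))
```

Two things worth keeping in mind when setting these values: `includeSubDomains` on Strict-Transport-Security commits every subdomain of the Ambari host to HTTPS for the max-age period, so only add it when all of them actually serve TLS; and an X-Frame-Options value other than `DENY` or `SAMEORIGIN` (such as the old `ALLOW-FROM` form) is not honoured consistently by browsers, which is why the audit above flags it.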

