Return-Path: X-Original-To: apmail-hadoop-common-commits-archive@www.apache.org Delivered-To: apmail-hadoop-common-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9AA3719E18 for ; Mon, 11 Apr 2016 23:17:21 +0000 (UTC) Received: (qmail 54471 invoked by uid 500); 11 Apr 2016 23:17:16 -0000 Delivered-To: apmail-hadoop-common-commits-archive@hadoop.apache.org Received: (qmail 54286 invoked by uid 500); 11 Apr 2016 23:17:16 -0000 Mailing-List: contact common-commits-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: common-dev@hadoop.apache.org Delivered-To: mailing list common-commits@hadoop.apache.org Received: (qmail 53525 invoked by uid 99); 11 Apr 2016 23:17:16 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 11 Apr 2016 23:17:15 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id D1195E0415; Mon, 11 Apr 2016 23:17:15 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: aengineer@apache.org To: common-commits@hadoop.apache.org Date: Mon, 11 Apr 2016 23:17:23 -0000 Message-Id: <112454cb548c4743865caa86b202d30f@git.apache.org> In-Reply-To: <9ec6c119ea1940b8a09e4f66c774db60@git.apache.org> References: <9ec6c119ea1940b8a09e4f66c774db60@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [09/37] hadoop git commit: YARN-4769. Add support for CSRF header in the dump capacity scheduler logs and kill app buttons in RM web UI. Contributed by Varun Vasudev YARN-4769. Add support for CSRF header in the dump capacity scheduler logs and kill app buttons in RM web UI. Contributed by Varun Vasudev Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/93bacda0 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/93bacda0 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/93bacda0 Branch: refs/heads/HDFS-1312 Commit: 93bacda08bc546612f9278b31f5c38107867630a Parents: aede8c1 Author: Jian He Authored: Wed Apr 6 16:13:47 2016 -0700 Committer: Jian He Committed: Wed Apr 6 16:13:47 2016 -0700 ---------------------------------------------------------------------- .../security/http/RestCsrfPreventionFilter.java | 2 +- .../hadoop/yarn/server/webapp/AppBlock.java | 20 ++++++++++++++++++++ .../webapp/CapacitySchedulerPage.java | 2 ++ 3 files changed, 23 insertions(+), 1 deletion(-) ----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/93bacda0/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/RestCsrfPreventionFilter.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/RestCsrfPreventionFilter.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/RestCsrfPreventionFilter.java
index c0f7e39..33579b4 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/RestCsrfPreventionFilter.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/RestCsrfPreventionFilter.java
@@ -62,7 +62,7 @@ public class RestCsrfPreventionFilter implements Filter {
 public static final String CUSTOM_METHODS_TO_IGNORE_PARAM = "methods-to-ignore";
 static final String BROWSER_USER_AGENTS_DEFAULT = "^Mozilla.*,^Opera.*";
- static final String HEADER_DEFAULT = "X-XSRF-HEADER";
+ public static final String HEADER_DEFAULT = "X-XSRF-HEADER";
 static final String METHODS_TO_IGNORE_DEFAULT = "GET,OPTIONS,HEAD,TRACE";
 private String headerName = HEADER_DEFAULT;
 private Set methodsToIgnore = null;
http://git-wip-us.apache.org/repos/asf/hadoop/blob/93bacda0/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/AppBlock.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/AppBlock.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/AppBlock.java
index 44ed223..69beef2 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/AppBlock.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/AppBlock.java
@@ -24,12 +24,14 @@ import static org.apache.hadoop.yarn.webapp.YarnWebParams.WEB_UI_TYPE;
 import java.security.PrivilegedExceptionAction;
 import java.util.Collection;
+import java.util.Map;
 import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.http.RestCsrfPreventionFilter;
 import org.apache.hadoop.util.StringUtils;
 import org.apache.hadoop.yarn.api.ApplicationBaseProtocol;
 import org.apache.hadoop.yarn.api.protocolrecords.GetApplicationAttemptsRequest;
@@ -143,6 +145,7 @@ public class AppBlock extends HtmlBlock {
 .append(" type: 'PUT',")
 .append(" url: '/ws/v1/cluster/apps/").append(aid).append("/state',")
 .append(" contentType: 'application/json',")
+ .append(getCSRFHeaderString(conf))
 .append(" data: '{\"state\":\"KILLED\"}',")
 .append(" dataType: 'json'")
 .append(" }).done(function(data){")
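Review bot: The added `.append(getCSRFHeaderString(conf))` sits between two properties of the request options object, so the generated script stays valid only because the helper returns either an empty string or a fragment that ends in a comma, and nothing at the call site says so. A one-line comment above it, for example `// yields "" or " headers : {...}," (trailing comma included)`, would keep a later edit of the helper from silently breaking the kill button. The same applies to the matching call added in `CapacitySchedulerPage`. The builder chain starts and ends outside this hunk.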
@@ -369,4 +372,21 @@ public class AppBlock extends HtmlBlock {
 protected LogAggregationStatus getLogAggregationStatus() {
 return null;
 }
+
+ public static String getCSRFHeaderString(Configuration conf) {
+ String ret = "";
+ if (conf.getBoolean(YarnConfiguration.RM_CSRF_ENABLED, false)) {
+ ret = " headers : { '";
+ Map filterParams = RestCsrfPreventionFilter
+ .getFilterParams(conf, YarnConfiguration.RM_CSRF_PREFIX);
+ if (filterParams
+ .containsKey(RestCsrfPreventionFilter.CUSTOM_HEADER_PARAM)) {
+ ret += filterParams.get(RestCsrfPreventionFilter.CUSTOM_HEADER_PARAM);
+ } else {
+ ret += RestCsrfPreventionFilter.HEADER_DEFAULT;
+ }
+ ret += "' : 'null' },";
+ }
+ return ret;
+ }
 }
http://git-wip-us.apache.org/repos/asf/hadoop/blob/93bacda0/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/CapacitySchedulerPage.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/CapacitySchedulerPage.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/CapacitySchedulerPage.java
index 5abc250..bfa081f 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/CapacitySchedulerPage.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/CapacitySchedulerPage.java
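Review bot: In `getCSRFHeaderString`, the configured header name from `filterParams.get(RestCsrfPreventionFilter.CUSTOM_HEADER_PARAM)` is concatenated unescaped between single quotes in the inline script, so a value containing a quote or a closing script tag would break the page's JavaScript or alter its markup. The value comes from cluster configuration rather than from the request, so this is hardening rather than an open hole, but `AppBlock` already imports `StringEscapeUtils` and the line could read `ret += StringEscapeUtils.escapeJavaScript(filterParams.get(RestCsrfPreventionFilter.CUSTOM_HEADER_PARAM));`. The method is public and called from another package, so it also needs a Javadoc stating what it returns when CSRF protection is off and that the header value sent is the literal string `'null'`, which presumably relies on the filter checking only that the header is present. The diffstat shows no test change; a unit test covering the disabled, default-header and custom-header cases would pin the fragment's shape.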
@@ -42,6 +42,7 @@ import org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.PartitionQueueCa
 import org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.PartitionResourcesInfo;
 import org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.ResourceInfo;
 import org.apache.hadoop.yarn.server.security.ApplicationACLsManager;
+import org.apache.hadoop.yarn.server.webapp.AppBlock;
 import org.apache.hadoop.yarn.util.Times;
 import org.apache.hadoop.yarn.util.resource.Resources;
 import org.apache.hadoop.yarn.webapp.ResponseInfo;
@@ -357,6 +358,7 @@ class CapacitySchedulerPage extends RmView {
 .append(" type: 'POST',")
 .append(" url: '/ws/v1/cluster/scheduler/logs',")
 .append(" contentType: 'text/plain',")
+ .append(AppBlock.getCSRFHeaderString(rm.getConfig()))
 .append(" data: 'time=' + timePeriod,")
 .append(" dataType: 'text'")
 .append(" }).done(function(data){")
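Review bot: `CapacitySchedulerPage` now imports `AppBlock` only to reach the static `getCSRFHeaderString`, which ties the scheduler page to an unrelated application view for what is a generic header helper. Moving the helper to a shared web utility class that both pages call would keep the CSRF header logic in one obvious place, so that any future page issuing state-changing requests finds it rather than omitting the header. The builder chain around `.append(AppBlock.getCSRFHeaderString(rm.getConfig()))` starts and ends outside this hunk.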