hadoop-common-commits mailing list archives

From wan...@apache.org
Subject [1/2] hadoop git commit: YARN-7338. Support same origin policy for cross site scripting prevention. (Sunil G via wangda)
Date Thu, 19 Oct 2017 21:54:28 GMT
Repository: hadoop
Updated Branches:
  refs/heads/branch-3.0 362f67c1f -> 73cbc373e


YARN-7338. Support same origin policy for cross site scripting prevention. (Sunil G via wangda)

(cherry picked from commit 298b174f663a06e67098f7b5cd645769c1a98a80)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/03fee4de
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/03fee4de
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/03fee4de

Branch: refs/heads/branch-3.0
Commit: 03fee4de9e07060d9317c3f5c6059b3a156b61a3
Parents: 362f67c
Author: Wangda Tan <wangda@apache.org>
Authored: Thu Oct 19 14:44:42 2017 -0700
Committer: Wangda Tan <wangda@apache.org>
Committed: Thu Oct 19 14:51:14 2017 -0700

----------------------------------------------------------------------
 .../org/apache/hadoop/yarn/webapp/WebApps.java  | 22 ++++++++++++++++++++
 1 file changed, 22 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/03fee4de/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java
index 9c5e8c3..4f1cacf 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java
@@ -401,6 +401,7 @@ public class WebApps {
       WebApp webApp = build(webapp);
       HttpServer2 httpServer = webApp.httpServer();
       if (ui2Context != null) {
+        addFiltersForNewContext(ui2Context);
         httpServer.addHandlerAtFront(ui2Context);
       }
       try {
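Review bot: The new call at `addFiltersForNewContext(ui2Context);` has no comment explaining why the UI2 context needs its own filter registration or why it must come before `httpServer.addHandlerAtFront(ui2Context)`. I would add something like `// ui2Context is a separate WebAppContext: register its CSRF/X-Frame-Options filters before it is attached to the server`. Only these two filters are added here. Presumably any other filter configured on the main webapp context (authentication in particular, which the new log message asks operators to enable) is not applied to `ui2Context` either, and that is worth confirming. The enclosing method starts before this hunk and continues past the `try {`, so how the server is started afterwards is not visible here.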
@@ -413,6 +414,27 @@ public class WebApps {
       return webApp;
     }
 
+    private void addFiltersForNewContext(WebAppContext ui2Context) {
+      Map<String, String> params = getConfigParameters(csrfConfigPrefix);
+
+      if (hasCSRFEnabled(params)) {
+        LOG.info("CSRF Protection has been enabled for the {} application. "
+            + "Please ensure that there is an authentication mechanism "
+            + "enabled (kerberos, custom, etc).", name);
+        String restCsrfClassName = RestCsrfPreventionFilter.class.getName();
+        HttpServer2.defineFilter(ui2Context, restCsrfClassName,
+            restCsrfClassName, params, new String[]{"/*"});
+      }
+
+      params = getConfigParameters(xfsConfigPrefix);
+
+      if (hasXFSEnabled()) {
+        String xfsClassName = XFrameOptionsFilter.class.getName();
+        HttpServer2.defineFilter(ui2Context, xfsClassName, xfsClassName, params,
+            new String[]{"/*"});
+      }
+    }
+
     private String inferHostClass() {
       String thisClass = this.getClass().getName();
       Throwable t = new Throwable();
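Review bot: In `addFiltersForNewContext`, `params = getConfigParameters(xfsConfigPrefix);` runs even when the X-Frame-Options filter is disabled, and it reuses the variable that held the CSRF settings. Moving the lookup inside `if (hasXFSEnabled())` as its own local, `Map<String, String> xfsParams = getConfigParameters(xfsConfigPrefix);`, keeps a later edit from handing one filter's parameters to the other. `hasCSRFEnabled(params)` takes the map while `hasXFSEnabled()` takes nothing; both are defined outside the hunk, so I cannot tell whether that asymmetry is intentional. The `LOG.info` text names only `name`, so if the main context logs the same sentence (not visible here) operators cannot tell that this line refers to the UI2 context. The diffstat shows only WebApps.java changed, so a test asserting that a UI2 response carries the X-Frame-Options header, and that a state-changing request without the CSRF header is rejected, would guard this against regressions.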

