hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Amar Kamat (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HADOOP-5442) The job history display needs to be paged
Date Mon, 16 Mar 2009 18:41:50 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-5442?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12682405#action_12682405
] 

Amar Kamat commented on HADOOP-5442:
------------------------------------

Result of test-patch
{code}
[exec] -1 overall.  
     [exec] 
     [exec]     +1 @author.  The patch does not contain any @author tags.
     [exec] 
     [exec]     -1 tests included.  The patch doesn't appear to include any new or modified
tests.
     [exec]                         Please justify why no tests are needed for this patch.
     [exec] 
     [exec]     +1 javadoc.  The javadoc tool did not generate any warning messages.
     [exec] 
     [exec]     +1 javac.  The applied patch does not increase the total number of javac compiler
warnings.
     [exec] 
     [exec]     -1 findbugs.  The patch appears to introduce 1 new Findbugs warnings.
     [exec] 
     [exec]     +1 Eclipse classpath. The patch retains Eclipse classpath integrity.
     [exec] 
     [exec]     +1 release audit.  The applied patch does not increase the total number of
release audit warnings.
{code}

The findbugs warning is 
{noformat}
HTTP parameter directly written to JSP output, giving reflected XSS vulnerability in org.apache.hadoop.mapred.jobhistory_jsp

In class org.apache.hadoop.mapred.jobhistory_jsp
In method org.apache.hadoop.mapred.jobhistory_jsp._jspService(HttpServletRequest, HttpServletResponse)
Parameter 'search' Value generated at jobhistory_jsp.java:[line 146]
At jobhistory_jsp.java:[line 226] 
Another occurrence at jobhistory_jsp.java:[line 249] 
Another occurrence at jobhistory_jsp.java:[line 253]
Another occurrence at jobhistory_jsp.java:[line 260]
{noformat}

Here the search string is passed across pages.

> The job history display needs to be paged 
> ------------------------------------------
>
>                 Key: HADOOP-5442
>                 URL: https://issues.apache.org/jira/browse/HADOOP-5442
>             Project: Hadoop Core
>          Issue Type: Bug
>            Reporter: Owen O'Malley
>            Assignee: Amar Kamat
>         Attachments: HADOOP-5442-v1.12.patch, HADOOP-5442-v1.6.patch, HADOOP-5442-v1.9.patch
>
>
> Currently the list of job history will try to render the entire list of jobs that have
run. That doesn't scale up as more and more jobs run on a job tracker.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message