Return-Path: <common-issues-return-141805-archive-asf-public=cust-asf.ponee.io@hadoop.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 503B0200D18
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Wed, 27 Sep 2017 03:58:04 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 4ED5F1609EA; Wed, 27 Sep 2017 01:58:04 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 958DB1609D7
	for <archive-asf-public@cust-asf.ponee.io>; Wed, 27 Sep 2017 03:58:03 +0200 (CEST)
Received: (qmail 38284 invoked by uid 500); 27 Sep 2017 01:58:02 -0000
Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:common-issues-help@hadoop.apache.org>
List-Unsubscribe: <mailto:common-issues-unsubscribe@hadoop.apache.org>
List-Post: <mailto:common-issues@hadoop.apache.org>
List-Id: <common-issues.hadoop.apache.org>
Delivered-To: mailing list common-issues@hadoop.apache.org
Received: (qmail 38273 invoked by uid 99); 27 Sep 2017 01:58:02 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Sep 2017 01:58:02 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 0F49DCA43C
	for <common-issues@hadoop.apache.org>; Wed, 27 Sep 2017 01:58:02 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -99.202
X-Spam-Level: 
X-Spam-Status: No, score=-99.202 tagged_above=-999 required=6.31
	tests=[KAM_ASCII_DIVIDERS=0.8, RP_MATCHES_RCVD=-0.001,
	SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024)
	with ESMTP id hvmD_qLagzcc for <common-issues@hadoop.apache.org>;
	Wed, 27 Sep 2017 01:58:01 +0000 (UTC)
Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 3CFE85FAF3
	for <common-issues@hadoop.apache.org>; Wed, 27 Sep 2017 01:58:01 +0000 (UTC)
Received: from jira-lw-us.apache.org (unknown [207.244.88.139])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id CB25EE0EB1
	for <common-issues@hadoop.apache.org>; Wed, 27 Sep 2017 01:58:00 +0000 (UTC)
Received: from jira-lw-us.apache.org (localhost [127.0.0.1])
	by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 856DD2427E
	for <common-issues@hadoop.apache.org>; Wed, 27 Sep 2017 01:58:00 +0000 (UTC)
Date: Wed, 27 Sep 2017 01:58:00 +0000 (UTC)
From: "Johannes Alberti (JIRA)" <jira@apache.org>
To: common-issues@hadoop.apache.org
Message-ID: <JIRA.13105233.1506458401000.210864.1506477480544@Atlassian.JIRA>
In-Reply-To: <JIRA.13105233.1506458401000@Atlassian.JIRA>
References: <JIRA.13105233.1506458401000@Atlassian.JIRA> <JIRA.13105233.1506458401555@jira-lw-us.apache.org>
Subject: [jira] [Commented] (HADOOP-14908) CrossOriginFilter should trigger
 regex on more input
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394
archived-at: Wed, 27 Sep 2017 01:58:04 -0000


    [ https://issues.apache.org/jira/browse/HADOOP-14908?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16181872#comment-16181872 ] 

Johannes Alberti commented on HADOOP-14908:
-------------------------------------------

A proposed patch is here https://github.com/apache/hadoop/pull/278

> CrossOriginFilter should trigger regex on more input
> ----------------------------------------------------
>
>                 Key: HADOOP-14908
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14908
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: common, security
>    Affects Versions: 3.0.0-beta1
>            Reporter: Allen Wittenauer
>
> Currently,  CrossOriginFilter.java limits regex matching only if there is an asterisk (\*) in the config.
> {code}
> if (allowedOrigin.contains("*")) {
> {code}
> This means that entries such as:
> {code}
> http?://foo.example.com
> https://[a-z][0-9].example.com
> {code}
> ... and other patterns that succinctly limit the input space need to either be fully expanded or dramatically have their space increased by using an asterisk in order to pass through the filter.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org