hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Nauroth (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-9711) Integrate CSRF prevention filter in WebHDFS.
Date Tue, 09 Feb 2016 20:27:18 GMT

     [ https://issues.apache.org/jira/browse/HDFS-9711?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Chris Nauroth updated HDFS-9711:
--------------------------------
    Attachment: HDFS-9711.003.patch

Here is patch v003.  I updated this in response HADOOP-12758, where [~lmccay] added support
to the filter for checking the User-Agent.  With consideration of Larry's recent comments
here, I have kept the configurability of the header name.

> Integrate CSRF prevention filter in WebHDFS.
> --------------------------------------------
>
>                 Key: HDFS-9711
>                 URL: https://issues.apache.org/jira/browse/HDFS-9711
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: datanode, namenode, webhdfs
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>         Attachments: HDFS-9711.001.patch, HDFS-9711.002.patch, HDFS-9711.003.patch
>
>
> HADOOP-12691 introduced a filter in Hadoop Common to help REST APIs guard against cross-site
request forgery attacks.  This issue tracks integration of that filter in WebHDFS.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message