hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Esteban Gutierrez (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HBASE-19741) Port CSRF prevention filter (HBASE-15187) to the HBase Thrift server
Date Tue, 09 Jan 2018 19:31:00 GMT
Esteban Gutierrez created HBASE-19741:
-----------------------------------------

             Summary: Port CSRF prevention filter (HBASE-15187) to the HBase Thrift server
                 Key: HBASE-19741
                 URL: https://issues.apache.org/jira/browse/HBASE-19741
             Project: HBase
          Issue Type: Bug
            Reporter: Esteban Gutierrez
            Priority: Minor


Our thrift server is prone to the same CSRF issue described in HBASE-15187. Even it only affects
browsers it triggers a positive match in some venerability scanners even there is no real
impact. We should correct our headers in the HBase Thrift server to avoid that problem.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message