Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-12234

Web UI Framable Page

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Duplicate
    • None
    • None
    • None
    • None

    Description

      The web UIs do not include the "X-Frame-Options" header to prevent the pages from being framed from another site.

      Reference:
      https://www.owasp.org/index.php/Clickjacking
      https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet
      https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options

      Attachments

        1. HADOOP-12234-v3-master.patch
          11 kB
          Apekshit Sharma
        2. HADOOP-12234-v2-master.patch
          11 kB
          Apekshit Sharma
        3. HADOOP-12234.patch
          11 kB
          Apekshit Sharma

        Issue Links

          is superceded by

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-13008 Add XFS Filter for UIs to Hadoop Common

          • Major - Major loss of function.
          • Resolved
          relates to

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-13008 Add XFS Filter for UIs to Hadoop Common

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              appy Apekshit Sharma
              appy Apekshit Sharma
              Votes:
              0 Vote for this issue
              Watchers:
              13 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: