Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-13352

Make X-FRAME-OPTIONS configurable in HttpServer2

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.8.0, 3.0.0-alpha1
    • Component/s: net, security
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      In HADOOP-12964 we introduced support for X-FRAME-OPTIONS in HttpServer2. This JIRA makes it configurable.

      1. HADOOP-13352.001.patch
        10 kB
        Anu Engineer
      2. HADOOP-13352.002.patch
        10 kB
        Anu Engineer

        Issue Links

          Activity

          Hide
          anu Anu Engineer added a comment -

          Adds config capability for X-FRAME-OPTIONS support in HttpServer2.

          Show
          anu Anu Engineer added a comment - Adds config capability for X-FRAME-OPTIONS support in HttpServer2.
          Hide
          hadoopqa Hadoop QA added a comment -
          +1 overall



          Vote Subsystem Runtime Comment
          0 reexec 0m 14s Docker mode activated.
          +1 @author 0m 0s The patch does not contain any @author tags.
          +1 test4tests 0m 0s The patch appears to include 2 new or modified test files.
          +1 mvninstall 6m 44s trunk passed
          +1 compile 6m 31s trunk passed
          +1 checkstyle 0m 24s trunk passed
          +1 mvnsite 0m 57s trunk passed
          +1 mvneclipse 0m 14s trunk passed
          +1 findbugs 1m 31s trunk passed
          +1 javadoc 0m 45s trunk passed
          +1 mvninstall 0m 41s the patch passed
          +1 compile 6m 50s the patch passed
          +1 javac 6m 50s the patch passed
          -0 checkstyle 0m 24s hadoop-common-project/hadoop-common: The patch generated 1 new + 115 unchanged - 0 fixed = 116 total (was 115)
          +1 mvnsite 0m 55s the patch passed
          +1 mvneclipse 0m 13s the patch passed
          +1 whitespace 0m 0s The patch has no whitespace issues.
          +1 findbugs 1m 28s the patch passed
          +1 javadoc 0m 46s the patch passed
          +1 unit 7m 10s hadoop-common in the patch passed.
          +1 asflicense 0m 25s The patch does not generate ASF License warnings.
          37m 35s



          Subsystem Report/Notes
          Docker Image:yetus/hadoop:9560f25
          JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12816765/HADOOP-13352.001.patch
          JIRA Issue HADOOP-13352
          Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle
          uname Linux 7d93adb48424 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
          Build tool maven
          Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh
          git revision trunk / 30ee57c
          Default Java 1.8.0_91
          findbugs v3.0.0
          checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/9944/artifact/patchprocess/diff-checkstyle-hadoop-common-project_hadoop-common.txt
          Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/9944/testReport/
          modules C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
          Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/9944/console
          Powered by Apache Yetus 0.4.0-SNAPSHOT http://yetus.apache.org

          This message was automatically generated.

          Show
          hadoopqa Hadoop QA added a comment - +1 overall Vote Subsystem Runtime Comment 0 reexec 0m 14s Docker mode activated. +1 @author 0m 0s The patch does not contain any @author tags. +1 test4tests 0m 0s The patch appears to include 2 new or modified test files. +1 mvninstall 6m 44s trunk passed +1 compile 6m 31s trunk passed +1 checkstyle 0m 24s trunk passed +1 mvnsite 0m 57s trunk passed +1 mvneclipse 0m 14s trunk passed +1 findbugs 1m 31s trunk passed +1 javadoc 0m 45s trunk passed +1 mvninstall 0m 41s the patch passed +1 compile 6m 50s the patch passed +1 javac 6m 50s the patch passed -0 checkstyle 0m 24s hadoop-common-project/hadoop-common: The patch generated 1 new + 115 unchanged - 0 fixed = 116 total (was 115) +1 mvnsite 0m 55s the patch passed +1 mvneclipse 0m 13s the patch passed +1 whitespace 0m 0s The patch has no whitespace issues. +1 findbugs 1m 28s the patch passed +1 javadoc 0m 46s the patch passed +1 unit 7m 10s hadoop-common in the patch passed. +1 asflicense 0m 25s The patch does not generate ASF License warnings. 37m 35s Subsystem Report/Notes Docker Image:yetus/hadoop:9560f25 JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12816765/HADOOP-13352.001.patch JIRA Issue HADOOP-13352 Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle uname Linux 7d93adb48424 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Build tool maven Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh git revision trunk / 30ee57c Default Java 1.8.0_91 findbugs v3.0.0 checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/9944/artifact/patchprocess/diff-checkstyle-hadoop-common-project_hadoop-common.txt Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/9944/testReport/ modules C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/9944/console Powered by Apache Yetus 0.4.0-SNAPSHOT http://yetus.apache.org This message was automatically generated.
          Hide
          lmccay Larry McCay added a comment -

          Hi Anu Engineer - this looks great.
          Can you resolve the new checkstyle issue that it adds?

          After that is taken care of and we have a clean jenkins build I will be +1.

          Show
          lmccay Larry McCay added a comment - Hi Anu Engineer - this looks great. Can you resolve the new checkstyle issue that it adds? After that is taken care of and we have a clean jenkins build I will be +1.
          Hide
          anu Anu Engineer added a comment -

          Larry McCay Thanks for your comment. Current code follows the surrounding code in HttpServer2.java file, and it looks consistent in the context. We have generally been ignoring this checkstyle warning, especially when we are working in older files. if you insist I will go ahead and fix it. Please let know your preference and I will address it accordingly.

          Show
          anu Anu Engineer added a comment - Larry McCay Thanks for your comment. Current code follows the surrounding code in HttpServer2.java file, and it looks consistent in the context. We have generally been ignoring this checkstyle warning, especially when we are working in older files. if you insist I will go ahead and fix it. Please let know your preference and I will address it accordingly.
          Hide
          lmccay Larry McCay added a comment -

          If that is an accepted warning due to the context then I am +1 on the patch.
          Chris Nauroth - do you have any problem with that?

          Show
          lmccay Larry McCay added a comment - If that is an accepted warning due to the context then I am +1 on the patch. Chris Nauroth - do you have any problem with that?
          Hide
          cnauroth Chris Nauroth added a comment -

          No objection from me. Thanks!

          --Chris Nauroth

          Show
          cnauroth Chris Nauroth added a comment - No objection from me. Thanks! --Chris Nauroth
          Hide
          haibochen Haibo Chen added a comment -

          The patch LGTM, +1 non-binding.

          Show
          haibochen Haibo Chen added a comment - The patch LGTM, +1 non-binding.
          Hide
          lmccay Larry McCay added a comment -

          Here is my +1.

          Show
          lmccay Larry McCay added a comment - Here is my +1.
          Hide
          rkanter Robert Kanter added a comment -

          Not a big deal, but should we make getEnum private or at least protected?

          Show
          rkanter Robert Kanter added a comment - Not a big deal, but should we make getEnum private or at least protected ?
          Hide
          anu Anu Engineer added a comment -

          Robert Kanter Good catch ! Thanks for your review comment, This patch changes the public access of getEnum to private. There is no other change, so I am hoping other +1s will hold.

          Show
          anu Anu Engineer added a comment - Robert Kanter Good catch ! Thanks for your review comment, This patch changes the public access of getEnum to private. There is no other change, so I am hoping other +1s will hold.
          Hide
          jnp Jitendra Nath Pandey added a comment -

          +1, I am going to commit shortly.

          Show
          jnp Jitendra Nath Pandey added a comment - +1, I am going to commit shortly.
          Hide
          hadoopqa Hadoop QA added a comment -
          -1 overall



          Vote Subsystem Runtime Comment
          0 reexec 0m 0s Docker mode activated.
          -1 patch 0m 5s HADOOP-13352 does not apply to trunk. Rebase required? Wrong Branch? See https://wiki.apache.org/hadoop/HowToContribute for help.



          Subsystem Report/Notes
          JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12816901/HADOOP-13352.002.patch
          JIRA Issue HADOOP-13352
          Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/9947/console
          Powered by Apache Yetus 0.4.0-SNAPSHOT http://yetus.apache.org

          This message was automatically generated.

          Show
          hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment 0 reexec 0m 0s Docker mode activated. -1 patch 0m 5s HADOOP-13352 does not apply to trunk. Rebase required? Wrong Branch? See https://wiki.apache.org/hadoop/HowToContribute for help. Subsystem Report/Notes JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12816901/HADOOP-13352.002.patch JIRA Issue HADOOP-13352 Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/9947/console Powered by Apache Yetus 0.4.0-SNAPSHOT http://yetus.apache.org This message was automatically generated.
          Hide
          jnp Jitendra Nath Pandey added a comment -

          Seems jenkins picked it up, after my commit. I compiled and ran the new test. I have committed it to trunk and branch-2. Thanks Anu.

          Show
          jnp Jitendra Nath Pandey added a comment - Seems jenkins picked it up, after my commit. I compiled and ran the new test. I have committed it to trunk and branch-2. Thanks Anu.
          Hide
          anu Anu Engineer added a comment -

          Jitendra Nath Pandey Thank you for reviewing and committing this. Robert Kanter, Haibo Chen, Larry McCay and Chris Nauroth Thanks for the reviews and comments.

          Show
          anu Anu Engineer added a comment - Jitendra Nath Pandey Thank you for reviewing and committing this. Robert Kanter , Haibo Chen , Larry McCay and Chris Nauroth Thanks for the reviews and comments.
          Hide
          hudson Hudson added a comment -

          SUCCESS: Integrated in Hadoop-trunk-Commit #10070 (See https://builds.apache.org/job/Hadoop-trunk-Commit/10070/)
          HADOOP-13352. Make X-FRAME-OPTIONS configurable in HttpServer2. (jitendra: rev ef30bf3c3f2688f803b3e9d16cc7e9f61a1ab0de)

          • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/HttpServerFunctionalTest.java
          • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestHttpServer.java
          • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
          Show
          hudson Hudson added a comment - SUCCESS: Integrated in Hadoop-trunk-Commit #10070 (See https://builds.apache.org/job/Hadoop-trunk-Commit/10070/ ) HADOOP-13352 . Make X-FRAME-OPTIONS configurable in HttpServer2. (jitendra: rev ef30bf3c3f2688f803b3e9d16cc7e9f61a1ab0de) hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/HttpServerFunctionalTest.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestHttpServer.java hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
          Hide
          lmccay Larry McCay added a comment -

          Great - thanks for adding this, Anu Engineer!

          Show
          lmccay Larry McCay added a comment - Great - thanks for adding this, Anu Engineer !
          Hide
          jnp Jitendra Nath Pandey added a comment -

          Committed this to branch-2.8 as well.

          Show
          jnp Jitendra Nath Pandey added a comment - Committed this to branch-2.8 as well.

            People

            • Assignee:
              anu Anu Engineer
              Reporter:
              anu Anu Engineer
            • Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development