Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-17424

Protect REST client against malicious XML responses.

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.3.0, 1.2.5, 1.1.9, 2.0.0
    • Component/s: REST
    • Labels:
      None

      Description

      If, by some means, an unsuspecting REST server client would get a malformed response from the REST server, it could result in the client performing some unintended action from the XML parsing.

      We should disable these extra options on the XML parser to prevent the possibility.

        Attachments

        1. HBASE-17424.002.patch
          6 kB
          Josh Elser
        2. HBASE-17424.001.patch
          6 kB
          Josh Elser

          Issue Links

            Activity

              People

              • Assignee:
                elserj Josh Elser
                Reporter:
                elserj Josh Elser
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: