Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-19741

Port CSRF prevention filter (HBASE-15187) to the HBase Thrift server

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: security, Thrift
    • Labels:
      None

      Description

      Our thrift server is prone to the same CSRF issue described in HBASE-15187. Even it only affects browsers it triggers a positive match in some venerability scanners even there is no real impact. We should correct our headers in the HBase Thrift server to avoid that problem.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                esteban Esteban Gutierrez
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated: