Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
Reviewed
Description
HDFS-10579 adds X-FRAME-OPTIONS protection to Namenode and Datanode.
This is also needed for Secondary Namenode as well.
Seondary Namenode misses X-FRAME-OPTIONS protection
[root@f0e12b63907e opt]# curl -I http://127.0.0.1:50090/index.html
HTTP/1.1 200 OK
Cache-Control: no-cache
Expires: Tue, 18 Jul 2017 20:13:53 GMT
Date: Tue, 18 Jul 2017 20:13:53 GMT
Pragma: no-cache
Expires: Tue, 18 Jul 2017 20:13:53 GMT
Date: Tue, 18 Jul 2017 20:13:53 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 12 Jun 2017 13:15:41 GMT
Content-Length: 1083
Accept-Ranges: bytes
Server: Jetty(6.1.26)
Primary Namenode offers X-FRAME-OPTIONS protection
[root@f0e12b63907e opt]# curl -I http://127.0.0.1:50070/index.html
HTTP/1.1 200 OK
Cache-Control: no-cache
Expires: Tue, 18 Jul 2017 20:14:04 GMT
Date: Tue, 18 Jul 2017 20:14:04 GMT
Pragma: no-cache
Expires: Tue, 18 Jul 2017 20:14:04 GMT
Date: Tue, 18 Jul 2017 20:14:04 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FRAME-OPTIONS: SAMEORIGIN
Last-Modified: Mon, 12 Jun 2017 13:15:41 GMT
Content-Length: 1079
Accept-Ranges: bytes
Server: Jetty(6.1.26)