[HDFS-9711] Integrate CSRF prevention filter in WebHDFS. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.8.0, 3.0.0-alpha1
Component/s: datanode, namenode, webhdfs
Labels:
None

Target Version/s:

2.8.0
Hadoop Flags:

Reviewed
Release Note:

Hide
WebHDFS now supports options to enforce cross-site request forgery (CSRF) prevention for HTTP requests to both the NameNode and the DataNode. Please refer to the updated WebHDFS documentation for a description of this feature and further details on how to configure it.

Show
WebHDFS now supports options to enforce cross-site request forgery (CSRF) prevention for HTTP requests to both the NameNode and the DataNode. Please refer to the updated WebHDFS documentation for a description of this feature and further details on how to configure it.

Description

~~HADOOP-12691~~ introduced a filter in Hadoop Common to help REST APIs guard against cross-site request forgery attacks. This issue tracks integration of that filter in WebHDFS.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HDFS-9711.001.patch
27/Jan/16 21:17
42 kB
Chris Nauroth
HDFS-9711.002.patch
28/Jan/16 20:28
42 kB
Chris Nauroth
HDFS-9711.003.patch
09/Feb/16 20:27
45 kB
Chris Nauroth
HDFS-9711.004.patch
10/Feb/16 19:58
47 kB
Chris Nauroth
HDFS-9711.005.patch
12/Feb/16 19:41
48 kB
Chris Nauroth
HDFS-9711-branch-2.005.patch
18/Feb/16 00:19
49 kB
Chris Nauroth

Issue Links

is related to

HBASE-15187 Integrate CSRF prevention filter to REST gateway

Resolved

HADOOP-12691 Add CSRF Filter for REST APIs to Hadoop Common

Resolved

Activity

People

Assignee:: Chris Nauroth

Reporter:: Chris Nauroth

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Dates

Created:: 27/Jan/16 21:15

Updated:: 30/Aug/16 01:20

Resolved:: 18/Feb/16 18:24