Uploaded image for project: 'Hadoop YARN'
  1. Hadoop YARN
  2. YARN-11661

Adding new property to configure the "SameSite" cookie attribute on YARN UI

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Workaround
    • 3.4.0
    • None
    • yarn
    • None
    • Reviewed

    Description

      If we use 'SameSite=Strict,' the browser would only send the cookie for same-site requests, rendering cross-site sessions ineffective.
      However, it’s worth noting that while using SameSite=None with TLS does enhance the security of your cookies compared to using it without TLS, it doesn’t provide complete security. Nevertheless, considering the necessity for cross-site sessions, utilizing SameSite=None along with TLS can provide a reasonable level of security.

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-15457 Add Security-Related HTTP Response Header in WEBUIs.

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              susheel_7 Susheel Gupta
              susheel_7 Susheel Gupta
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: