탐색 도움말
가입하기 로그인
apache
/
hadoop
의 미러 https://github.com/apache/hadoop.git
2
0
포크 1
파일 이슈 0 위키
소스 검색

YARN-8868. Set HTTPOnly attribute to Cookie. Contributed by Chandni Singh.

(cherry picked from commit 2202e00ba8a44ad70f0a90e6c519257e3ae56a36)
Sunil G 6 년 전
부모
28a1cabb72
커밋
30998fea28
2개의 변경된 파일10개의 추가작업 그리고 3개의 파일을 삭제
분할 보기 변경상태 보기
  1. 9 3
      hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/Dispatcher.java
  2. 1 0
      hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-web-proxy/src/main/java/org/apache/hadoop/yarn/server/webproxy/WebAppProxyServlet.java

+ 9 - 3
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/Dispatcher.java
파일 보기 

@@ -179,10 +179,10 @@ public class Dispatcher extends HttpServlet {
 
     String st = devMode ? ErrorPage.toStackTrace(e, 1024 * 3) // spec: min 4KB
 
                         : "See logs for stack trace";
 
     res.setStatus(res.SC_FOUND);
 
-    Cookie cookie = new Cookie(STATUS_COOKIE, String.valueOf(500));
 
+    Cookie cookie = createCookie(STATUS_COOKIE, String.valueOf(500));
 
     cookie.setPath(path);
 
     res.addCookie(cookie);
 
-    cookie = new Cookie(ERROR_COOKIE, st);
 
+    cookie = createCookie(ERROR_COOKIE, st);
 
     cookie.setPath(path);
 
     res.addCookie(cookie);
 
     res.setHeader("Location", path);
 
@@ -196,7 +196,7 @@ public class Dispatcher extends HttpServlet {
 
   public static void removeCookie(HttpServletResponse res, String name,
 
                                   String path) {
 
     LOG.debug("removing cookie {} on {}", name, path);
 
-    Cookie c = new Cookie(name, "");
 
+    Cookie c = createCookie(name, "");
 
     c.setMaxAge(0);
 
     c.setPath(path);
 
     res.addCookie(c);
 
@@ -249,4 +249,10 @@ public class Dispatcher extends HttpServlet {
 
       }
 
     }, 18); // enough time for the last local request to complete
 
   }
 
+
 
+  private static Cookie createCookie(String name, String val) {
 
+    Cookie cookie = new Cookie(name, val);
 
+    cookie.setHttpOnly(true);
 
+    return cookie;
 
+  }
 
 }

+ 1 - 0
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-web-proxy/src/main/java/org/apache/hadoop/yarn/server/webproxy/WebAppProxyServlet.java
파일 보기 

@@ -271,6 +271,7 @@ public class WebAppProxyServlet extends HttpServlet {
 
   
   private static Cookie makeCheckCookie(ApplicationId id, boolean isSet) {
 
     Cookie c = new Cookie(getCheckCookieName(id),String.valueOf(isSet));
 
+    c.setHttpOnly(true);
 
     c.setPath(ProxyUriUtils.getPath(id));
 
     c.setMaxAge(60 * 60 * 2); //2 hours in seconds
 
     return c;