
YARN-8868. Set HTTPOnly attribute to Cookie. Contributed by Chandni Singh.

(cherry picked from commit 2202e00ba8a44ad70f0a90e6c519257e3ae56a36)
Sunil G 6 gadi atpakaļ
vecāks
revīzija
30998fea28

+ 9 - 3
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/Dispatcher.java

@@ -179,10 +179,10 @@ public class Dispatcher extends HttpServlet {
     String st = devMode ? ErrorPage.toStackTrace(e, 1024 * 3) // spec: min 4KB
                         : "See logs for stack trace";
     res.setStatus(res.SC_FOUND);
-    Cookie cookie = new Cookie(STATUS_COOKIE, String.valueOf(500));
+    Cookie cookie = createCookie(STATUS_COOKIE, String.valueOf(500));
     cookie.setPath(path);
     res.addCookie(cookie);
-    cookie = new Cookie(ERROR_COOKIE, st);
+    cookie = createCookie(ERROR_COOKIE, st);
     cookie.setPath(path);
     res.addCookie(cookie);
     res.setHeader("Location", path);
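Review bot: On the `createCookie(ERROR_COOKIE, st)` line, `st` is a stack trace of up to 3 KB when `devMode` is true, and HttpOnly only stops page scripts from reading it; the trace is still sent to the browser and stored there. That is worth stating next to the call so nobody reads the new flag as making the value private, for example `// devMode only: trace is delivered to the client; HttpOnly blocks script access, not disclosure`. The enclosing method starts and ends outside this hunk, so whether `devMode` can be enabled on a production cluster is not visible here.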
@@ -196,7 +196,7 @@ public class Dispatcher extends HttpServlet {
   public static void removeCookie(HttpServletResponse res, String name,
                                   String path) {
     LOG.debug("removing cookie {} on {}", name, path);
-    Cookie c = new Cookie(name, "");
+    Cookie c = createCookie(name, "");
     c.setMaxAge(0);
     c.setPath(path);
     res.addCookie(c);
@@ -249,4 +249,10 @@ public class Dispatcher extends HttpServlet {
       }
     }, 18); // enough time for the last local request to complete
   }
+
+  private static Cookie createCookie(String name, String val) {
+    Cookie cookie = new Cookie(name, val);
+    cookie.setHttpOnly(true);
+    return cookie;
+  }
 }
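Review bot: `createCookie` sets HttpOnly but leaves the Secure attribute unset, so on a deployment where the YARN web UI is served over HTTPS (not visible in this diff) these cookies can still be sent on a plain-HTTP request to the same host. Setting it needs the request scheme or the HTTP policy passed into the helper, e.g. a `boolean secure` parameter and `cookie.setSecure(secure);`; `removeCookie` takes only the response, so its signature would need the same input. The same gap applies to `makeCheckCookie` in WebAppProxyServlet.java, which now sets HttpOnly on its own line. The helper would also benefit from a one-line Javadoc such as `/** Creates a cookie that is not readable from client-side script (HttpOnly). */` so later call sites use it instead of `new Cookie`.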

+ 1 - 0
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-web-proxy/src/main/java/org/apache/hadoop/yarn/server/webproxy/WebAppProxyServlet.java

@@ -271,6 +271,7 @@ public class WebAppProxyServlet extends HttpServlet {
   
   private static Cookie makeCheckCookie(ApplicationId id, boolean isSet) {
     Cookie c = new Cookie(getCheckCookieName(id),String.valueOf(isSet));
+    c.setHttpOnly(true);
     c.setPath(ProxyUriUtils.getPath(id));
     c.setMaxAge(60 * 60 * 2); //2 hours in seconds
     return c;