Inicio Explorar Ayuda
Registro Iniciar sesión
apache
/
hadoop
espejo de https://github.com/apache/hadoop.git
2
0
Fork 1
Archivos Incidencias 0 Wiki
Explorar el Código

HDFS-12158. Secondary Namenode's web interface lack configs for X-FRAME-OPTIONS protection. Contributed by Mukul Kumar Singh.

(cherry picked from commit 413b23eb04eee24275257ab462133e0818f87449)
(cherry picked from commit e0297ffbc89e9f037d5f6a8c5874ce8794656e0c)
Anu Engineer hace 7 años
padre
4daf5741e0
commit
6ed569df21
Se han modificado 2 ficheros con 32 adiciones y 0 borrados
Dividir vista Mostrar estadísticas de diff
  1. 10 0
      hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java
  2. 22 0
      hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestNameNodeHttpServerXFrame.java

+ 10 - 0
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java
Ver fichero 

@@ -479,6 +479,16 @@ public class SecondaryNameNode implements Runnable,
 
             DFS_SECONDARY_NAMENODE_KERBEROS_INTERNAL_SPNEGO_PRINCIPAL_KEY,
 
         DFSConfigKeys.DFS_SECONDARY_NAMENODE_KEYTAB_FILE_KEY);
 
 
+    final boolean xFrameEnabled = conf.getBoolean(
 
+        DFSConfigKeys.DFS_XFRAME_OPTION_ENABLED,
 
+        DFSConfigKeys.DFS_XFRAME_OPTION_ENABLED_DEFAULT);
 
+
 
+    final String xFrameOptionValue = conf.getTrimmed(
 
+        DFSConfigKeys.DFS_XFRAME_OPTION_VALUE,
 
+        DFSConfigKeys.DFS_XFRAME_OPTION_VALUE_DEFAULT);
 
+
 
+    builder.configureXFrame(xFrameEnabled).setXFrameOption(xFrameOptionValue);
 
+
 
     infoServer = builder.build();
 
     infoServer.setAttribute("secondary.name.node", this);
 
     infoServer.setAttribute("name.system.image", checkpointImage);

+ 22 - 0
hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestNameNodeHttpServerXFrame.java
Ver fichero 

@@ -18,6 +18,7 @@
 
 package org.apache.hadoop.hdfs.server.namenode;
 
 
 import org.apache.hadoop.conf.Configuration;
 
+import org.apache.hadoop.fs.FileSystem;
 
 import org.apache.hadoop.hdfs.DFSConfigKeys;
 
 import org.apache.hadoop.hdfs.HdfsConfiguration;
 
 import org.apache.hadoop.http.HttpServer2;
 
@@ -32,6 +33,7 @@ import java.net.HttpURLConnection;
 
 import java.net.InetSocketAddress;
 
 import java.net.MalformedURLException;
 
 import java.net.URL;
 
+import java.net.URI;
 
 
 /**
 
  * A class to test the XFrameoptions of Namenode HTTP Server. We are not reusing
 
@@ -94,4 +96,24 @@ public class TestNameNodeHttpServerXFrame {
 
     conn.connect();
 
     return conn;
 
   }
 
+
 
+  @Test
 
+  public void testSecondaryNameNodeXFrame() throws IOException {
 
+    Configuration conf = new HdfsConfiguration();
 
+    FileSystem.setDefaultUri(conf, "hdfs://localhost:0");
 
+
 
+    SecondaryNameNode sn = new SecondaryNameNode(conf);
 
+    sn.startInfoServer();
 
+    InetSocketAddress httpAddress = SecondaryNameNode.getHttpAddress(conf);
 
+
 
+    URL url = URI.create("http://" + httpAddress.getHostName()
 
+        + ":" + httpAddress.getPort()).toURL();
 
+    HttpURLConnection conn = (HttpURLConnection) url.openConnection();
 
+    conn.connect();
 
+    String xfoHeader = conn.getHeaderField("X-FRAME-OPTIONS");
 
+    Assert.assertTrue("X-FRAME-OPTIONS is absent in the header",
 
+        xfoHeader != null);
 
+    Assert.assertTrue(xfoHeader.endsWith(HttpServer2.XFrameOption
 
+        .SAMEORIGIN.toString()));
 
+  }
 
 }