Startsida Utforska Hjälp
Registrera dig Logga in
apache
/
hadoop
spegling av https://github.com/apache/hadoop.git
2
0
Fork 1
Filer Ärenden 0 Wiki
Bläddra i källkod

HDFS-11441. Add escaping to error message in KMS web UI. Contributed by Aaron T. Myers.

Andrew Wang 8 år sedan
förälder
209ecd1a5c
incheckning
ec839b94c0
1 ändrade filer med 2 tillägg och 1 borttagningar
Delad Vy Visa Diff Statistik
  1. 2 1
      hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java

+ 2 - 1
hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java
Visa fil 

@@ -20,6 +20,7 @@ package org.apache.hadoop.crypto.key.kms.server;
 
 import org.apache.hadoop.classification.InterfaceAudience;
 
 import org.apache.hadoop.conf.Configuration;
 
 import org.apache.hadoop.crypto.key.kms.KMSDelegationToken;
 
+import org.apache.hadoop.http.HtmlQuoting;
 
 import org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler;
 
 import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler;
 
 import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationFilter;
 
@@ -105,7 +106,7 @@ public class KMSAuthenticationFilter
 
     public void sendError(int sc, String msg) throws IOException {
 
       statusCode = sc;
 
       this.msg = msg;
 
-      super.sendError(sc, msg);
 
+      super.sendError(sc, HtmlQuoting.quoteHtmlChars(msg));
 
     }
 
 
     @Override