You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by "Wellington Chevreuil (JIRA)" <ji...@apache.org> on 2019/01/24 04:35:00 UTC
[jira] [Comment Edited] (HBASE-19234) Dangerous HTTP Methods are
been allowed (secure mode)
[ https://issues.apache.org/jira/browse/HBASE-19234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16750710#comment-16750710 ]
Wellington Chevreuil edited comment on HBASE-19234 at 1/24/19 4:34 AM:
-----------------------------------------------------------------------
I believe this is already addressed by HBASE-20004, where 'hbase.rest.http.allow.options.method' configuration property is enabled by default on versions > 2.1. [~pragna_156], would you have more details on which version you had seen this behaviour? Have you tried setting 'hbase.rest.http.allow.options.method' to false?
was (Author: wchevreuil):
I believe this is already addressed by HBASE-20004, where 'hbase.rest.http.allow.options.method' configuration property is enabled by default on versions > 2.1. [~pragna_156], would you have more details on which version you had seen this behaviour?
> Dangerous HTTP Methods are been allowed (secure mode)
> -----------------------------------------------------
>
> Key: HBASE-19234
> URL: https://issues.apache.org/jira/browse/HBASE-19234
> Project: HBase
> Issue Type: Bug
> Components: API, REST
> Reporter: pragna kari
> Priority: Minor
>
> While executing the REST API Curl commands in secure cluster ,
> Steps to reproduce:
> Try to change the HTTP methods(GET/PUT/POST) to OPTIONS/TRACE
> Execute the commad
> Actual output:
> Command is getting executed and giving out the 200Ok status with the result
> Expected output :
> Should not accept the other methods and throw 403 error
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)