You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by on...@apache.org on 2013/11/13 16:51:27 UTC

git commit: AMBARI-3758. Make Ambari Web changes for CSRF prevention. (onechiporenko)

Updated Branches:
  refs/heads/trunk d639a7f06 -> a0d57eb11


AMBARI-3758. Make Ambari Web changes for CSRF prevention. (onechiporenko)


Project: http://git-wip-us.apache.org/repos/asf/incubator-ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ambari/commit/a0d57eb1
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ambari/tree/a0d57eb1
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ambari/diff/a0d57eb1

Branch: refs/heads/trunk
Commit: a0d57eb11e9121e1a55635d6042a8aff957a6f23
Parents: d639a7f
Author: Oleg Nechiporenko <cv...@yahoo.com>
Authored: Wed Nov 13 16:24:20 2013 +0200
Committer: Oleg Nechiporenko <cv...@yahoo.com>
Committed: Wed Nov 13 17:51:22 2013 +0200

----------------------------------------------------------------------
 ambari-web/app/config.js                |  3 ++-
 ambari-web/app/messages.js              |  4 +++-
 ambari-web/app/templates/utils/ajax.hbs | 24 ++++++++++++++++++++++++
 ambari-web/app/utils/ajax.js            |  9 +++------
 4 files changed, 32 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/a0d57eb1/ambari-web/app/config.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/config.js b/ambari-web/app/config.js
index 834efaf..b9f869d 100644
--- a/ambari-web/app/config.js
+++ b/ambari-web/app/config.js
@@ -72,7 +72,8 @@ if (App.enableExperimental) {
 
 // this is to make sure that IE does not cache data when making AJAX calls to the server
 $.ajaxSetup({
-  cache: false
+  cache: false,
+  headers: {"X-Requested-By": "X-Requested-By"}
 });
 
 /**

http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/a0d57eb1/ambari-web/app/messages.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/messages.js b/ambari-web/app/messages.js
index 170310b..3649a58 100644
--- a/ambari-web/app/messages.js
+++ b/ambari-web/app/messages.js
@@ -1683,5 +1683,7 @@ Em.I18n.translations = {
   'config.group.selection.dialog.option.create': 'Create new configuration group',
   'config.group.selection.dialog.option.create.msg': 'A new configuration group will be created with the given name. Initially there will be no hosts in the group, with only the selected property overridden.',
   'config.group.selection.dialog.err.name.exists': 'Configuration group with given name already exists',
-  'config.group.selection.dialog.err.create': 'Error creating new configuration group [{0}]'
+  'config.group.selection.dialog.err.create': 'Error creating new configuration group [{0}]',
+
+  'utils.ajax.errorMessage': 'Error message'
 };

http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/a0d57eb1/ambari-web/app/templates/utils/ajax.hbs
----------------------------------------------------------------------
diff --git a/ambari-web/app/templates/utils/ajax.hbs b/ambari-web/app/templates/utils/ajax.hbs
new file mode 100644
index 0000000..788444f
--- /dev/null
+++ b/ambari-web/app/templates/utils/ajax.hbs
@@ -0,0 +1,24 @@
+{{!
+* Licensed to the Apache Software Foundation (ASF) under one
+* or more contributor license agreements.  See the NOTICE file
+* distributed with this work for additional information
+* regarding copyright ownership.  The ASF licenses this file
+* to you under the Apache License, Version 2.0 (the
+* "License"); you may not use this file except in compliance
+* with the License.  You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+}}
+
+<span class="text-error">{{view.statusCode}}</span> <span>{{view.api}}</span>
+{{#if view.showMessage}}
+  <br />
+  <br />
+  <pre><strong>{{t utils.ajax.errorMessage}}: </strong><span class="text-error">{{view.message}}</span></pre>
+{{/if}}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/a0d57eb1/ambari-web/app/utils/ajax.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/utils/ajax.js b/ambari-web/app/utils/ajax.js
index 8f7df69..91654d3 100644
--- a/ambari-web/app/utils/ajax.js
+++ b/ambari-web/app/utils/ajax.js
@@ -1255,7 +1255,7 @@ App.ajax = {
         config.sender[config.beforeSend](opt, xhr, params);
       }
     };
-    opt.success = function (data) {
+    opt.success = function (data, textStatus, xhr) {
       console.log("TRACE: The url is: " + opt.url);
       if (config.success) {
         config.sender[config.success](data, opt, params);
@@ -1276,7 +1276,7 @@ App.ajax = {
     if ($.mocho) {
       opt.url = 'http://' + $.hostName + opt.url;
     }
-      return $.ajax(opt);
+    return $.ajax(opt);
   },
 
   // A single instance of App.ModalPopup view
@@ -1315,10 +1315,7 @@ App.ajax = {
         },
         bodyClass: Ember.View.extend({
           classNames: ['api-error'],
-          template: Ember.Handlebars.compile(['<span class="text-error">{{view.statusCode}}</span><span>{{view.api}}</span>',
-            '{{#if view.showMessage}}',
-            '<br><br><pre><strong>Error message: </strong><span class="text-error">{{view.message}}</span></pre>',
-            '{{/if}}'].join('\n')),
+          templateName: require('templates/utils/ajax'),
           api: api,
           statusCode: statusCode,
           message: message,