You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hbase.apache.org by "Esteban Gutierrez (JIRA)" <ji...@apache.org> on 2018/01/09 19:31:00 UTC

[jira] [Created] (HBASE-19741) Port CSRF prevention filter (HBASE-15187) to the HBase Thrift server

Esteban Gutierrez created HBASE-19741:
-----------------------------------------

             Summary: Port CSRF prevention filter (HBASE-15187) to the HBase Thrift server
                 Key: HBASE-19741
                 URL: https://issues.apache.org/jira/browse/HBASE-19741
             Project: HBase
          Issue Type: Bug
            Reporter: Esteban Gutierrez
            Priority: Minor


Our thrift server is prone to the same CSRF issue described in HBASE-15187. Even it only affects browsers it triggers a positive match in some venerability scanners even there is no real impact. We should correct our headers in the HBase Thrift server to avoid that problem.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)