You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hbase.apache.org by "Esteban Gutierrez (JIRA)" <ji...@apache.org> on 2018/01/09 19:31:00 UTC
[jira] [Created] (HBASE-19741) Port CSRF prevention filter
(HBASE-15187) to the HBase Thrift server
Esteban Gutierrez created HBASE-19741:
-----------------------------------------
Summary: Port CSRF prevention filter (HBASE-15187) to the HBase Thrift server
Key: HBASE-19741
URL: https://issues.apache.org/jira/browse/HBASE-19741
Project: HBase
Issue Type: Bug
Reporter: Esteban Gutierrez
Priority: Minor
Our thrift server is prone to the same CSRF issue described in HBASE-15187. Even it only affects browsers it triggers a positive match in some venerability scanners even there is no real impact. We should correct our headers in the HBase Thrift server to avoid that problem.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)