You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hbase.apache.org by Sean Busbey <bu...@cloudera.com> on 2015/07/31 20:36:52 UTC

any volunteers for HBASE-14148?

Hi Folks!

(Before reading further, please DO NOT read any of the patches on the
referenced jira nor the OWASP website's example JavaEE filter)

We're looking for someone who can make a filter to add the X-Frame-Options
header to our web UIs to defend against a known attack vector (see the
ticket description for details on the attack).

The last patch made use of some code from OWASP (appropriately licensed),
but Elliot would prefer we not use copied code for something
straight-forward to implement on our own.

To avoid licensing issues, we need someone who has not seen the OWASP code
to take over the jira.

Any takers?

[1] https://issues.apache.org/jira/browse/HBASE-14148

-- 
Sean