You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@storm.apache.org by kishorvpatil <gi...@git.apache.org> on 2015/11/14 20:39:31 UTC
[GitHub] storm pull request: [STORM-1204] Fixing attempt to access to direc...
GitHub user kishorvpatil opened a pull request:
https://github.com/apache/storm/pull/879
[STORM-1204] Fixing attempt to access to directory before authorizing user
Fixing dumps endpoints, if URL request has no file/directory it return 500 instead of page-not-found.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/kishorvpatil/incubator-storm STORM-1204
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/storm/pull/879.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #879
----
commit 8cf5932958954fc591146f5119da78b8e0ef7307
Author: Kishor Patil <kp...@yahoo-inc.com>
Date: 2015-11-13T18:46:55Z
Fixing attempt to access to directory before checking user authorization and avoid dumps listing error
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] storm pull request: [STORM-1204] Fixing attempt to access to direc...
Posted by revans2 <gi...@git.apache.org>.
Github user revans2 commented on the pull request:
https://github.com/apache/storm/pull/879#issuecomment-157066468
+1
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] storm pull request: [STORM-1204] Fixing attempt to access to direc...
Posted by kishorvpatil <gi...@git.apache.org>.
Github user kishorvpatil commented on the pull request:
https://github.com/apache/storm/pull/879#issuecomment-157097910
@redsanket We are doing this only are couple of places.. no making it a utility may not be much useful.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] storm pull request: [STORM-1204] Fixing attempt to access to direc...
Posted by redsanket <gi...@git.apache.org>.
Github user redsanket commented on a diff in the pull request:
https://github.com/apache/storm/pull/879#discussion_r44933452
--- Diff: storm-core/src/clj/backtype/storm/daemon/logviewer.clj ---
@@ -967,15 +978,30 @@
(ring-response-from-exception ex))))
(GET "/dumps/:topo-id/:host-port/:filename"
[:as {:keys [servlet-request servlet-response log-root]} topo-id host-port filename &m]
- (let [port (second (split host-port #":"))]
- (-> (resp/response (File. (str log-root
- file-path-separator
- topo-id
- file-path-separator
- port
- file-path-separator
- filename)))
- (resp/content-type "application/octet-stream"))))
+ (let [user (.getUserName http-creds-handler servlet-request)
+ port (second (split host-port #":"))
+ dir (File. (str log-root
+ file-path-separator
+ topo-id
+ file-path-separator
+ port))
+ file (File. (str log-root
+ file-path-separator
+ topo-id
+ file-path-separator
+ port
+ file-path-separator
+ filename))]
--- End diff --
Can we convert this to a utility method, it will be useful
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] storm pull request: [STORM-1204] Fixing attempt to access to direc...
Posted by redsanket <gi...@git.apache.org>.
Github user redsanket commented on the pull request:
https://github.com/apache/storm/pull/879#issuecomment-157061483
minor suggestion, +1 NB
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] storm pull request: [STORM-1204] Fixing attempt to access to direc...
Posted by zhuoliu <gi...@git.apache.org>.
Github user zhuoliu commented on the pull request:
https://github.com/apache/storm/pull/879#issuecomment-157177411
+1
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] storm pull request: [STORM-1204] Fixing attempt to access to direc...
Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:
https://github.com/apache/storm/pull/879
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---