You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@spark.apache.org by "Imran Rashid (JIRA)" <ji...@apache.org> on 2019/01/08 17:27:00 UTC
[jira] [Resolved] (SPARK-24522) Centralize code to deal with
security-related HTTP features
[ https://issues.apache.org/jira/browse/SPARK-24522?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Imran Rashid resolved SPARK-24522.
----------------------------------
Resolution: Fixed
Fix Version/s: 3.0.0
Issue resolved by pull request 23302
[https://github.com/apache/spark/pull/23302]
> Centralize code to deal with security-related HTTP features
> -----------------------------------------------------------
>
> Key: SPARK-24522
> URL: https://issues.apache.org/jira/browse/SPARK-24522
> Project: Spark
> Issue Type: Improvement
> Components: Web UI
> Affects Versions: 2.4.0
> Reporter: Marcelo Vanzin
> Assignee: Marcelo Vanzin
> Priority: Major
> Fix For: 3.0.0
>
>
> Currently there's code scattered in a few places to deal with different HTTP-related security features, such as XSS protection.
> The current approach makes it hard to verify that these are applied uniformly across all of Spark.
> We should centralize this code and enforce that it's applied to all UI handlers.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org