You are viewing a plain text version of this content. The canonical link for it is here.

Posted to yarn-dev@hadoop.apache.org by "Benjamin Teke (Jira)" <ji...@apache.org> on 2021/06/25 17:41:00 UTC

[jira] [Created] (YARN-10833) RM logs endpoint vulnerable to clickjacking

Benjamin Teke created YARN-10833:
------------------------------------

             Summary: RM logs endpoint vulnerable to clickjacking
                 Key: YARN-10833
                 URL: https://issues.apache.org/jira/browse/YARN-10833
             Project: Hadoop YARN
          Issue Type: Bug
            Reporter: Benjamin Teke
            Assignee: Benjamin Teke


The /logs endpoint is missing the x-frame options in the response header, even though it is configured. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-dev-help@hadoop.apache.org