You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@storm.apache.org by bo...@apache.org on 2015/02/03 20:33:03 UTC
[3/4] storm git commit: Merge branch 'STORM-608' of
https://github.com/harshach/incubator-storm into STORM-608
Merge branch 'STORM-608' of https://github.com/harshach/incubator-storm into STORM-608
STORM-608: Storm UI CSRF escape characters not work correctly.
Project: http://git-wip-us.apache.org/repos/asf/storm/repo
Commit: http://git-wip-us.apache.org/repos/asf/storm/commit/01e6b12f
Tree: http://git-wip-us.apache.org/repos/asf/storm/tree/01e6b12f
Diff: http://git-wip-us.apache.org/repos/asf/storm/diff/01e6b12f
Branch: refs/heads/master
Commit: 01e6b12fc9a62e496998cd84f18991b50fc542d9
Parents: 1f35f41 8f35304
Author: Robert (Bobby) Evans <ev...@yahoo-inc.com>
Authored: Tue Feb 3 12:56:47 2015 -0600
Committer: Robert (Bobby) Evans <ev...@yahoo-inc.com>
Committed: Tue Feb 3 12:56:47 2015 -0600
----------------------------------------------------------------------
STORM-UI-REST-API.md | 21 +++++++++++++++++++++
storm-core/src/clj/backtype/storm/ui/core.clj | 2 ++
2 files changed, 23 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/storm/blob/01e6b12f/storm-core/src/clj/backtype/storm/ui/core.clj
----------------------------------------------------------------------
diff --cc storm-core/src/clj/backtype/storm/ui/core.clj
index 1b78a65,dddfaac..b36a7a9
--- a/storm-core/src/clj/backtype/storm/ui/core.clj
+++ b/storm-core/src/clj/backtype/storm/ui/core.clj
@@@ -898,12 -901,11 +898,14 @@@
(let [user (.getUserName http-creds-handler servlet-request)]
(assert-authorized-user servlet-request "getTopology" (topology-config id))
(json-response (component-page id component (:window m) (check-include-sys? (:sys m)) user) (:callback m))))
+ (GET "/api/v1/token" [ & m]
+ (json-response (format "{\"antiForgeryToken\": \"%s\"}" *anti-forgery-token*) (:callback m) :serialize-fn identity))
(POST "/api/v1/topology/:id/activate" [:as {:keys [cookies servlet-request]} id]
(with-nimbus nimbus
- (let [tplg (.getTopologyInfo ^Nimbus$Client nimbus id)
+ (let [tplg (->> (doto
+ (GetInfoOptions.)
+ (.set_num_err_choice NumErrorsChoice/NONE))
+ (.getTopologyInfoWithOpts ^Nimbus$Client nimbus id))
name (.get_name tplg)]
(assert-authorized-user servlet-request "activate" (topology-config id))
(.activate nimbus name)