You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by ae...@apache.org on 2017/07/19 17:39:31 UTC
hadoop git commit: HDFS-12158. Secondary Namenode's web interface
lack configs for X-FRAME-OPTIONS protection. Contributed by Mukul Kumar
Singh.
Repository: hadoop
Updated Branches:
refs/heads/trunk 04ff412da -> 413b23eb0
HDFS-12158. Secondary Namenode's web interface lack configs for X-FRAME-OPTIONS protection. Contributed by Mukul Kumar Singh.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/413b23eb
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/413b23eb
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/413b23eb
Branch: refs/heads/trunk
Commit: 413b23eb04eee24275257ab462133e0818f87449
Parents: 04ff412
Author: Anu Engineer <ae...@apache.org>
Authored: Wed Jul 19 10:29:06 2017 -0700
Committer: Anu Engineer <ae...@apache.org>
Committed: Wed Jul 19 10:29:06 2017 -0700
----------------------------------------------------------------------
.../hdfs/server/namenode/SecondaryNameNode.java | 10 +++++++++
.../namenode/TestNameNodeHttpServerXFrame.java | 22 ++++++++++++++++++++
2 files changed, 32 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/413b23eb/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java
----------------------------------------------------------------------
diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java
index 6dd085a..ff83e34 100644
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java
@@ -479,6 +479,16 @@ public class SecondaryNameNode implements Runnable,
DFS_SECONDARY_NAMENODE_KERBEROS_INTERNAL_SPNEGO_PRINCIPAL_KEY,
DFSConfigKeys.DFS_SECONDARY_NAMENODE_KEYTAB_FILE_KEY);
+ final boolean xFrameEnabled = conf.getBoolean(
+ DFSConfigKeys.DFS_XFRAME_OPTION_ENABLED,
+ DFSConfigKeys.DFS_XFRAME_OPTION_ENABLED_DEFAULT);
+
+ final String xFrameOptionValue = conf.getTrimmed(
+ DFSConfigKeys.DFS_XFRAME_OPTION_VALUE,
+ DFSConfigKeys.DFS_XFRAME_OPTION_VALUE_DEFAULT);
+
+ builder.configureXFrame(xFrameEnabled).setXFrameOption(xFrameOptionValue);
+
infoServer = builder.build();
infoServer.setAttribute("secondary.name.node", this);
infoServer.setAttribute("name.system.image", checkpointImage);
http://git-wip-us.apache.org/repos/asf/hadoop/blob/413b23eb/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestNameNodeHttpServerXFrame.java
----------------------------------------------------------------------
diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestNameNodeHttpServerXFrame.java b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestNameNodeHttpServerXFrame.java
index 947e951..aaa713e 100644
--- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestNameNodeHttpServerXFrame.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestNameNodeHttpServerXFrame.java
@@ -18,6 +18,7 @@
package org.apache.hadoop.hdfs.server.namenode;
import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.hdfs.DFSConfigKeys;
import org.apache.hadoop.hdfs.HdfsConfiguration;
import org.apache.hadoop.http.HttpServer2;
@@ -32,6 +33,7 @@ import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.net.MalformedURLException;
import java.net.URL;
+import java.net.URI;
/**
* A class to test the XFrameoptions of Namenode HTTP Server. We are not reusing
@@ -94,4 +96,24 @@ public class TestNameNodeHttpServerXFrame {
conn.connect();
return conn;
}
+
+ @Test
+ public void testSecondaryNameNodeXFrame() throws IOException {
+ Configuration conf = new HdfsConfiguration();
+ FileSystem.setDefaultUri(conf, "hdfs://localhost:0");
+
+ SecondaryNameNode sn = new SecondaryNameNode(conf);
+ sn.startInfoServer();
+ InetSocketAddress httpAddress = SecondaryNameNode.getHttpAddress(conf);
+
+ URL url = URI.create("http://" + httpAddress.getHostName()
+ + ":" + httpAddress.getPort()).toURL();
+ HttpURLConnection conn = (HttpURLConnection) url.openConnection();
+ conn.connect();
+ String xfoHeader = conn.getHeaderField("X-FRAME-OPTIONS");
+ Assert.assertTrue("X-FRAME-OPTIONS is absent in the header",
+ xfoHeader != null);
+ Assert.assertTrue(xfoHeader.endsWith(HttpServer2.XFrameOption
+ .SAMEORIGIN.toString()));
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org