You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@ambari.apache.org by Attila Magyar <am...@hortonworks.com> on 2017/04/24 07:32:06 UTC
Review Request 58657: Remove user input from invalid renderer error
message
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58657/
-----------------------------------------------------------
Review request for Ambari, Attila Doroszlai, Laszlo Puskas, Robert Levas, and Sebastian Toader.
Bugs: AMBARI-20823
https://issues.apache.org/jira/browse/AMBARI-20823
Repository: ambari
Description
-------
Remove user input from invalid renderer error message to avoid potential XSS attacks.
throw new IllegalArgumentException("Invalid renderer name: " + name + " for resource of type: " + m_type);
should be removed and the error message changed to: "Invalid renderer name for resource of type <resource type>"
Diffs
-----
ambari-server/src/main/java/org/apache/ambari/server/api/resources/BaseResourceDefinition.java 99bcd03
ambari-server/src/test/java/org/apache/ambari/server/api/resources/BaseResourceDefinitionTest.java e076268
Diff: https://reviews.apache.org/r/58657/diff/1/
Testing
-------
modified existing unittest
existing tests: PENDING
Thanks,
Attila Magyar
Re: Review Request 58657: Remove user input from invalid renderer
error message
Posted by Sebastian Toader <st...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58657/#review172761
-----------------------------------------------------------
Ship it!
Ship It!
- Sebastian Toader
On April 24, 2017, 9:59 a.m., Attila Magyar wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58657/
> -----------------------------------------------------------
>
> (Updated April 24, 2017, 9:59 a.m.)
>
>
> Review request for Ambari, Attila Doroszlai, Laszlo Puskas, Robert Levas, and Sebastian Toader.
>
>
> Bugs: AMBARI-20823
> https://issues.apache.org/jira/browse/AMBARI-20823
>
>
> Repository: ambari
>
>
> Description
> -------
>
> Remove user input from invalid renderer error message to avoid potential XSS attacks.
>
> throw new IllegalArgumentException("Invalid renderer name: " + name + " for resource of type: " + m_type);
> should be removed and the error message changed to: "Invalid renderer name for resource of type <resource type>"
>
>
> Diffs
> -----
>
> ambari-server/src/main/java/org/apache/ambari/server/api/resources/BaseResourceDefinition.java 99bcd03
> ambari-server/src/test/java/org/apache/ambari/server/api/resources/BaseResourceDefinitionTest.java e076268
>
>
> Diff: https://reviews.apache.org/r/58657/diff/1/
>
>
> Testing
> -------
>
> modified existing unittest
>
> existing tests: passed
>
>
> Thanks,
>
> Attila Magyar
>
>
Re: Review Request 58657: Remove user input from invalid renderer
error message
Posted by Attila Doroszlai <ad...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58657/#review172762
-----------------------------------------------------------
Ship it!
Ship It!
- Attila Doroszlai
On April 24, 2017, 9:59 a.m., Attila Magyar wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58657/
> -----------------------------------------------------------
>
> (Updated April 24, 2017, 9:59 a.m.)
>
>
> Review request for Ambari, Attila Doroszlai, Laszlo Puskas, Robert Levas, and Sebastian Toader.
>
>
> Bugs: AMBARI-20823
> https://issues.apache.org/jira/browse/AMBARI-20823
>
>
> Repository: ambari
>
>
> Description
> -------
>
> Remove user input from invalid renderer error message to avoid potential XSS attacks.
>
> throw new IllegalArgumentException("Invalid renderer name: " + name + " for resource of type: " + m_type);
> should be removed and the error message changed to: "Invalid renderer name for resource of type <resource type>"
>
>
> Diffs
> -----
>
> ambari-server/src/main/java/org/apache/ambari/server/api/resources/BaseResourceDefinition.java 99bcd03
> ambari-server/src/test/java/org/apache/ambari/server/api/resources/BaseResourceDefinitionTest.java e076268
>
>
> Diff: https://reviews.apache.org/r/58657/diff/1/
>
>
> Testing
> -------
>
> modified existing unittest
>
> existing tests: passed
>
>
> Thanks,
>
> Attila Magyar
>
>
Re: Review Request 58657: Remove user input from invalid renderer
error message
Posted by Robert Levas <rl...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58657/#review172763
-----------------------------------------------------------
Ship it!
Ship It!
- Robert Levas
On April 24, 2017, 3:59 a.m., Attila Magyar wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58657/
> -----------------------------------------------------------
>
> (Updated April 24, 2017, 3:59 a.m.)
>
>
> Review request for Ambari, Attila Doroszlai, Laszlo Puskas, Robert Levas, and Sebastian Toader.
>
>
> Bugs: AMBARI-20823
> https://issues.apache.org/jira/browse/AMBARI-20823
>
>
> Repository: ambari
>
>
> Description
> -------
>
> Remove user input from invalid renderer error message to avoid potential XSS attacks.
>
> throw new IllegalArgumentException("Invalid renderer name: " + name + " for resource of type: " + m_type);
> should be removed and the error message changed to: "Invalid renderer name for resource of type <resource type>"
>
>
> Diffs
> -----
>
> ambari-server/src/main/java/org/apache/ambari/server/api/resources/BaseResourceDefinition.java 99bcd03
> ambari-server/src/test/java/org/apache/ambari/server/api/resources/BaseResourceDefinitionTest.java e076268
>
>
> Diff: https://reviews.apache.org/r/58657/diff/1/
>
>
> Testing
> -------
>
> modified existing unittest
>
> existing tests: passed
>
>
> Thanks,
>
> Attila Magyar
>
>
Re: Review Request 58657: Remove user input from invalid renderer
error message
Posted by Attila Magyar <am...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58657/
-----------------------------------------------------------
(Updated April 24, 2017, 7:59 a.m.)
Review request for Ambari, Attila Doroszlai, Laszlo Puskas, Robert Levas, and Sebastian Toader.
Changes
-------
test result
Bugs: AMBARI-20823
https://issues.apache.org/jira/browse/AMBARI-20823
Repository: ambari
Description
-------
Remove user input from invalid renderer error message to avoid potential XSS attacks.
throw new IllegalArgumentException("Invalid renderer name: " + name + " for resource of type: " + m_type);
should be removed and the error message changed to: "Invalid renderer name for resource of type <resource type>"
Diffs
-----
ambari-server/src/main/java/org/apache/ambari/server/api/resources/BaseResourceDefinition.java 99bcd03
ambari-server/src/test/java/org/apache/ambari/server/api/resources/BaseResourceDefinitionTest.java e076268
Diff: https://reviews.apache.org/r/58657/diff/1/
Testing (updated)
-------
modified existing unittest
existing tests: passed
Thanks,
Attila Magyar