You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by "Josh Elser (JIRA)" <ji...@apache.org> on 2017/01/04 20:43:58 UTC
[jira] [Created] (HBASE-17424) Protect REST client against
malicious XML responses.
Josh Elser created HBASE-17424:
----------------------------------
Summary: Protect REST client against malicious XML responses.
Key: HBASE-17424
URL: https://issues.apache.org/jira/browse/HBASE-17424
Project: HBase
Issue Type: Bug
Components: REST
Reporter: Josh Elser
Assignee: Josh Elser
Fix For: 2.0.0, 1.3.0, 1.4.0, 1.2.5, 1.1.9
If, by some means, an unsuspecting REST server client would get a malformed response from the REST server, it could result in the client performing some unintended action from the XML parsing.
We should disable these extra options on the XML parser to prevent the possibility.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)