This is an automated email from the ASF dual-hosted git repository.

srowen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/spark.git


The following commit(s) were added to refs/heads/master by this push:
     new 273a375cd314 [SPARK-45248][CORE] Set the timeout for spark ui server
273a375cd314 is described below

commit 273a375cd314fbf52b5f2538526374f6b24fb2cf
Author: chenyu <119398199+chenyu-opensou...@users.noreply.github.com>
AuthorDate: Mon Sep 25 22:38:27 2023 -0500

    [SPARK-45248][CORE] Set the timeout for spark ui server
    
    **What changes were proposed in this pull request?**
    The PR supports setting the timeout for spark ui server.
    
    **Why are the changes needed?**
    It can avoid slow HTTP Denial of Service Attack because the jetty server's timeout is 300000 by default.
    
    **Does this PR introduce any user-facing change?**
    No
    
    **How was this patch tested?**
    Manual review
    
    **Was this patch authored or co-authored using generative AI tooling?**
    No
    
    Closes #43078 from chenyu-opensource/branch-SPARK-45248-new.
    
    Authored-by: chenyu <119398199+chenyu-opensou...@users.noreply.github.com>
    Signed-off-by: Sean Owen <sro...@gmail.com>
---
 core/src/main/scala/org/apache/spark/ui/JettyUtils.scala | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/core/src/main/scala/org/apache/spark/ui/JettyUtils.scala 
b/core/src/main/scala/org/apache/spark/ui/JettyUtils.scala
index 9582bdbf5264..22adcbc32ed8 100644
--- a/core/src/main/scala/org/apache/spark/ui/JettyUtils.scala
+++ b/core/src/main/scala/org/apache/spark/ui/JettyUtils.scala
@@ -296,6 +296,8 @@ private[spark] object JettyUtils extends Logging {
         connector.setPort(port)
         connector.setHost(hostName)
         connector.setReuseAddress(!Utils.isWindows)
+         // spark-45248: set the idle timeout to prevent slow DoS
+        connector.setIdleTimeout(8000)
 
         // Currently we only use "SelectChannelConnector"
         // Limit the max acceptor number to 8 so that we don't waste a lot of 
threads
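Review bot: The idle timeout is hard-coded as a magic number in `connector.setIdleTimeout(8000)`, so a deployment where the UI sits behind a slow proxy or serves slow clients has no way to tune it. Consider reading the value from a Spark configuration entry with 8000 as its default and passing that in here. The added comment should also state the unit (Jetty's `setIdleTimeout` takes milliseconds), and it is indented one space deeper than the surrounding lines. Since the commit message says the previous effective value was 300000 and that there is no user-facing change, it is worth recording in the docs or release notes that idle UI connections are now closed after 8 seconds, because clients holding idle connections will see the difference.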

