Repository: hadoop Updated Branches: refs/heads/trunk 8e03e855b -> 453913110
HADOOP-12584. Disable browsing the static directory in HttpServer2. Contributed by Robert Kanter. Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/45391311 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/45391311 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/45391311 Branch: refs/heads/trunk Commit: 4539131102e01bd150d147c16e33d0dd1e9a031a Parents: 8e03e85 Author: Haohui Mai <whe...@apache.org> Authored: Thu Nov 19 15:47:31 2015 -0800 Committer: Haohui Mai <whe...@apache.org> Committed: Thu Nov 19 15:47:31 2015 -0800 ---------------------------------------------------------------------- hadoop-common-project/hadoop-common/CHANGES.txt | 3 +++ .../src/main/java/org/apache/hadoop/http/HttpServer2.java | 3 +++ 2 files changed, 6 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/45391311/hadoop-common-project/hadoop-common/CHANGES.txt ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt index 3058799..48c11b4 100644 --- a/hadoop-common-project/hadoop-common/CHANGES.txt +++ b/hadoop-common-project/hadoop-common/CHANGES.txt @@ -1429,6 +1429,9 @@ Release 2.8.0 - UNRELEASED HADOOP-11901. BytesWritable fails to support 2G chunks due to integer overflow. (Reynold Xin via wheat9) + HADOOP-12584. Disable browsing the static directory in HttpServer2. + (Robert Kanter via wheat9) + Release 2.7.3 - UNRELEASED INCOMPATIBLE CHANGES http://git-wip-us.apache.org/repos/asf/hadoop/blob/45391311/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java index d593205..633180c 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java @@ -530,6 +530,9 @@ public final class HttpServer2 implements FilterContainer { staticContext.setResourceBase(appDir + "/static"); staticContext.addServlet(DefaultServlet.class, "/*"); staticContext.setDisplayName("static"); + @SuppressWarnings("unchecked") + Map<String, String> params = staticContext.getInitParams(); + params.put("org.mortbay.jetty.servlet.Default.dirAllowed", "false"); setContextAttributes(staticContext, conf); defaultContexts.put(staticContext, true); }
