HDFS-11441. Add escaping to error message in KMS web UI. Contributed by Aaron T. Myers.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/ec839b94 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/ec839b94 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/ec839b94 Branch: refs/heads/YARN-5972 Commit: ec839b94c0eb3f09e74f8a3b0bc9a08b3f5418b2 Parents: 209ecd1 Author: Andrew Wang <w...@apache.org> Authored: Mon Mar 6 10:47:15 2017 -0800 Committer: Andrew Wang <w...@apache.org> Committed: Mon Mar 6 10:47:15 2017 -0800 ---------------------------------------------------------------------- .../hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/ec839b94/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java b/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java index 45e48e9..3e98a25 100644 --- a/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java +++ b/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java @@ -20,6 +20,7 @@ package org.apache.hadoop.crypto.key.kms.server; import org.apache.hadoop.classification.InterfaceAudience; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.crypto.key.kms.KMSDelegationToken; +import org.apache.hadoop.http.HtmlQuoting; import org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler; import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler; import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationFilter; @@ -105,7 +106,7 @@ public class KMSAuthenticationFilter public void sendError(int sc, String msg) throws IOException { statusCode = sc; this.msg = msg; - super.sendError(sc, msg); + super.sendError(sc, HtmlQuoting.quoteHtmlChars(msg)); } @Override --------------------------------------------------------------------- To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-commits-h...@hadoop.apache.org