[
https://issues.apache.org/jira/browse/FALCON-2082?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15388841#comment-15388841
]
ASF GitHub Bot commented on FALCON-2082:
----------------------------------------
GitHub user yzheng-hortonworks opened a pull request:
https://github.com/apache/falcon/pull/238
FALCON-2082 Add CSRF filter for REST APIs
Provide user an option to enable CSRF filter or not. Tested with empty
header and CSRF filter enabled that GET methods get accepted while POST methods
are rejected as expected. See picture below. Unit tests will be added in a
separate pull request.
Note: Tested with Hadoop 2.8.0 unreleased version. Need to wait until 2.8.0
release to commit.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/yzheng-hortonworks/falcon FALCON-2082
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/falcon/pull/238.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #238
----
----
> Add CSRF filter for REST APIs
> -----------------------------
>
> Key: FALCON-2082
> URL: https://issues.apache.org/jira/browse/FALCON-2082
> Project: Falcon
> Issue Type: Improvement
> Reporter: Ying Zheng
> Assignee: Ying Zheng
> Attachments: Screen Shot 2016-07-19 at 4.54.29 PM.png
>
>
> A CSRF filter was added to Hadoop common
> (https://issues.apache.org/jira/browse/HADOOP-12691). This JIRA is to
> integrate this filter into Falcon REST API post methods.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
