----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73829/#review224024 -----------------------------------------------------------
Ship it! Ship It! - Mateen Mansoori On Feb. 4, 2022, 4:37 a.m., Pradeep Agrawal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73829/ > ----------------------------------------------------------- > > (Updated Feb. 4, 2022, 4:37 a.m.) > > > Review request for ranger, bhavik patel, Abhay Kulkarni, Mateen Mansoori, > Madhan Neethiraj, Mateen Mansoori, Mehul Parikh, Mateen Mansoori, Ramesh > Mani, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-3542 > https://issues.apache.org/jira/browse/RANGER-3542 > > > Repository: ranger > > > Description > ------- > > **Problem Statement** At > https://github.com/apache/ranger/blob/0258fcf7ab25473b056fffc103840806c18fdcad/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java#L243 > > we have wrong check: > mIsSSL = StringUtils.containsIgnoreCase(mUrl, "https"); > This can trigger inadvertently if the host name just happens to have "https" > in the name. Better/safer to use Java URL to parse mUrl and look at the > protocol explicitly. > > For example: http://my.serverhttps.com would trigger as an ssl enabled > endpoint. > > **Proposed Solution:** We should check if url start with https or not and act > accordingly. > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java > be9b8263b > > > Diff: https://reviews.apache.org/r/73829/diff/1/ > > > Testing > ------- > > On a node having host name myhttpsserver, tested the patch and approach is > working as expected. > > > Thanks, > > Pradeep Agrawal > >
