[jira] [Created] (STORM-608) Storm UI CSRF escape characters not work correctly

Xiaoyong Zhu (JIRA) Thu, 25 Dec 2014 21:59:10 -0800

Xiaoyong Zhu created STORM-608:
----------------------------------

             Summary: Storm UI CSRF escape characters not work correctly
                 Key: STORM-608
                 URL: https://issues.apache.org/jira/browse/STORM-608
             Project: Apache Storm
          Issue Type: Bug
    Affects Versions: 0.9.3
            Reporter: Xiaoyong Zhu
            Priority: Minor



When trying to use the REST API to active or detactive storm topology using C# 
Httpclient, there are random failures.
I do some more investigate about the random error 
We find some x-csrf-token getting from the first http get request contains 
“\/”, for example 
“\/dE\/k8N5H0Ora1IY9UAfx3fc7M4b0EZOMbWUXdUNn9IitAjOhmup+OiHx\/v5W+kUuWu4TkBsFsfvd7Km”
which will fail.

If I replace \/ with /  and this should be  
/dE/k8N5H0Ora1IY9UAfx3fc7M4b0EZOMbWUXdUNn9IitAjOhmup+OiHx/v5W+kUuWu4TkBsFsfvd7Km,
and the second token could work successfully while the first does not.
we assume this is caused by some escape letters.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (STORM-608) Storm UI CSRF escape characters not work correctly

Reply via email to