[jira] [Commented] (STORM-608) Storm UI CSRF escape characters not work correctly

Sat, 03 Jan 2015 14:37:58 -0800 

    [ 
https://issues.apache.org/jira/browse/STORM-608?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14263655#comment-14263655
 ] 

ASF GitHub Bot commented on STORM-608:
--------------------------------------

GitHub user harshach opened a pull request:

    https://github.com/apache/storm/pull/371

     STORM-608. Storm UI CSRF escape characters not work correctly.

    

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/harshach/incubator-storm STORM-608

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/storm/pull/371.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #371
    
----
commit 37442e5dec821745f99f57e256470e8d1a9c6112
Author: Sriharsha Chintalapani <[email protected]>
Date:   2015-01-03T22:31:11Z

    STORM-608. Storm UI CSRF escape characters not work correctly.

commit 8f3530404f3550415146c484d31765028c0d98b9
Author: Sriharsha Chintalapani <[email protected]>
Date:   2015-01-03T22:32:57Z

    STORM-608. Storm UI CSRF escape characters not work correctly.

----


> Storm UI CSRF escape characters not work correctly
> --------------------------------------------------
>
>                 Key: STORM-608
>                 URL: https://issues.apache.org/jira/browse/STORM-608
>             Project: Apache Storm
>          Issue Type: Bug
>    Affects Versions: 0.9.3
>            Reporter: Xiaoyong Zhu
>            Priority: Minor
>
> When trying to use the REST API to active or detactive storm topology using 
> C# Httpclient, there are random failures.
> I do some more investigate about the random error 
> We find some x-csrf-token getting from the first http get request contains 
> “\/”, for example 
> “\/dE\/k8N5H0Ora1IY9UAfx3fc7M4b0EZOMbWUXdUNn9IitAjOhmup+OiHx\/v5W+kUuWu4TkBsFsfvd7Km”
> which will fail.
> If I replace \/ with /  and this should be  
> /dE/k8N5H0Ora1IY9UAfx3fc7M4b0EZOMbWUXdUNn9IitAjOhmup+OiHx/v5W+kUuWu4TkBsFsfvd7Km,
> and the second token could work successfully while the first does not.
> we assume this is caused by some escape letters.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to