[
https://issues.apache.org/jira/browse/HDFS-5333?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13808257#comment-13808257
]
Haohui Mai commented on HDFS-5333:
----------------------------------
bq. I was referring to MITM on unsecured network (without proper SSL setup) in
general ...
This problem happens in the networking layer and it is orthogonal to SOP.
You'll need to defend against it no matter what UI you're building.
bq. ...turn off javascript and img/embed in their browsers and/or deliberately
use a text based browser that supports neither, to avoid XSS with 100%
confidence
Preventing XSS attacks is orthogonal to what you generate the page (either the
server side or the client side). My previous response has already covered it.
> Improvement of current HDFS Web UI
> ----------------------------------
>
> Key: HDFS-5333
> URL: https://issues.apache.org/jira/browse/HDFS-5333
> Project: Hadoop HDFS
> Issue Type: Improvement
> Affects Versions: 3.0.0
> Reporter: Jing Zhao
> Assignee: Haohui Mai
>
> This is an umbrella jira for improving the current JSP-based HDFS Web UI.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
