[jira] [Commented] (HBASE-15187) Integrate CSRF prevention filter to REST gateway

Ted Yu (JIRA) Mon, 01 Feb 2016 14:49:59 -0800

    [ 
https://issues.apache.org/jira/browse/HBASE-15187?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15127190#comment-15127190
 ]


Ted Yu commented on HBASE-15187:
--------------------------------

w.r.t. importance of the fix, see linked HDFS JIRA.

I would say the fix is must have for deployments where REST gateway operates in 
secure cluster.

> Integrate CSRF prevention filter to REST gateway
> ------------------------------------------------
>
>                 Key: HBASE-15187
>                 URL: https://issues.apache.org/jira/browse/HBASE-15187
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Assignee: Ted Yu
>         Attachments: HBASE-15187.v1.patch, HBASE-15187.v2.patch
>
>
> HADOOP-12691 introduced a filter in Hadoop Common to help REST APIs guard 
> against cross-site request forgery attacks.
> This issue tracks the integration of that filter into HBase REST gateway.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HBASE-15187) Integrate CSRF prevention filter to REST gateway

Reply via email to