[ https://issues.apache.org/jira/browse/HBASE-17424?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Purtell updated HBASE-17424: ----------------------------------- Fix Version/s: (was: 1.4.0) > Protect REST client against malicious XML responses. > ---------------------------------------------------- > > Key: HBASE-17424 > URL: https://issues.apache.org/jira/browse/HBASE-17424 > Project: HBase > Issue Type: Bug > Components: REST > Reporter: Josh Elser > Assignee: Josh Elser > Fix For: 2.0.0, 1.3.0, 1.2.5, 1.1.9 > > Attachments: HBASE-17424.001.patch, HBASE-17424.002.patch > > > If, by some means, an unsuspecting REST server client would get a malformed > response from the REST server, it could result in the client performing some > unintended action from the XML parsing. > We should disable these extra options on the XML parser to prevent the > possibility. -- This message was sent by Atlassian JIRA (v6.4.14#64029)