[Impala-ASF-CR] IMPALA-8584: Add cookie support to the HTTP HS2 server

Thu, 22 Aug 2019 14:14:11 -0700 

Tim Armstrong has posted comments on this change. ( 
http://gerrit.cloudera.org:8080/13672 )

Change subject: IMPALA-8584: Add cookie support to the HTTP HS2 server
......................................................................


Patch Set 6:

(2 comments)

LGTM. I had one final question about whether we need to be defensive about 
cookie verification to prevent it from using a lot of CPU in pathological cases.

http://gerrit.cloudera.org:8080/#/c/13672/5/be/src/rpc/cookie-util.cc
File be/src/rpc/cookie-util.cc:

http://gerrit.cloudera.org:8080/#/c/13672/5/be/src/rpc/cookie-util.cc@104
PS5, Line 104:
> Yeah, I guess my thinking was that it doesn't really matter what RNG we use
I don't really have a better suggestion, it would probably be overcomplicating 
it to use something else. Maybe worth leaving a comment here that explains what 
you just said in your comment.


http://gerrit.cloudera.org:8080/#/c/13672/6/be/src/transport/THttpServer.cpp
File be/src/transport/THttpServer.cpp:

http://gerrit.cloudera.org:8080/#/c/13672/6/be/src/transport/THttpServer.cpp@181
PS6, Line 181:     vector<string> cookies = strings::Split(cookie_value_, ";");
I thought about whether it would be a good idea to limit the number of cookies 
we check (or the aggregate size of the cookies) to prevent potentially 
pathological behaviour. It could potentially be quite expensive to check a 
large number of cookies.



--
To view, visit http://gerrit.cloudera.org:8080/13672
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: Impala-ASF
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I647c06f94ef91aa3b6413e91576c4ec506ed57f4
Gerrit-Change-Number: 13672
Gerrit-PatchSet: 6
Gerrit-Owner: Thomas Tauber-Marshall <tmarsh...@cloudera.com>
Gerrit-Reviewer: Andrew Sherman <asher...@cloudera.com>
Gerrit-Reviewer: Impala Public Jenkins <impala-public-jenk...@cloudera.com>
Gerrit-Reviewer: Thomas Tauber-Marshall <tmarsh...@cloudera.com>
Gerrit-Reviewer: Tim Armstrong <tarmstr...@cloudera.com>
Gerrit-Reviewer: Todd Lipcon <t...@apache.org>
Gerrit-Comment-Date: Thu, 22 Aug 2019 21:13:42 +0000
Gerrit-HasComments: Yes

Reply via email to