[GitHub] spark pull request #21464: [WEBUI] Avoid possibility of script in query para...

srowen Wed, 30 May 2018 14:39:50 -0700

GitHub user srowen opened a pull request:

    https://github.com/apache/spark/pull/21464


    [WEBUI] Avoid possibility of script in query param keys

    As discussed separately, this avoids the possibility of XSS on certain 
request param keys.
    
    CC @vanzin 


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/srowen/spark XSS2

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/spark/pull/21464.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #21464
    
----
commit aad159c561094b53a719c8950fa087dacd1d9d8d
Author: Sean Owen <srowen@...>
Date:   2018-05-30T21:37:40Z

    Similar to SPARK-20393 : avoid possibility of XSS in query param keys

----


---

---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org
For additional commands, e-mail: reviews-h...@spark.apache.org

[GitHub] spark pull request #21464: [WEBUI] Avoid possibility of script in query para...

Reply via email to