This is an automated email from the ASF dual-hosted git repository.
daijy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push:
new b2a265a HIVE-21927: HiveServer Web UI: Setting the HttpOnly option in
the cookies (Rajkumar Singh, reviewed by Daniel Dai)
b2a265a is described below
commit b2a265a94625851afa3d16b8af44d3d04a0f1579
Author: Daniel Dai <da...@cloudera.com>
AuthorDate: Fri Jun 28 15:03:38 2019 -0700
HIVE-21927: HiveServer Web UI: Setting the HttpOnly option in the cookies
(Rajkumar Singh, reviewed by Daniel Dai)
---
common/src/java/org/apache/hive/http/HttpServer.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/common/src/java/org/apache/hive/http/HttpServer.java
b/common/src/java/org/apache/hive/http/HttpServer.java
index 8968529..35ab7f8 100644
--- a/common/src/java/org/apache/hive/http/HttpServer.java
+++ b/common/src/java/org/apache/hive/http/HttpServer.java
@@ -453,6 +453,7 @@ public class HttpServer {
WebAppContext createWebAppContext(Builder b) {
WebAppContext ctx = new WebAppContext();
setContextAttributes(ctx.getServletContext(), b.contextAttrs);
+ ctx.getServletContext().getSessionCookieConfig().setHttpOnly(true);
ctx.setDisplayName(b.name);
ctx.setContextPath("/");
ctx.setWar(appDir + "/" + b.name);
