YARN-4769. Add support for CSRF header in the dump capacity scheduler logs and 
kill app buttons in RM web UI. Contributed by Varun Vasudev


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/93bacda0
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/93bacda0
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/93bacda0

Branch: refs/heads/HDFS-7240
Commit: 93bacda08bc546612f9278b31f5c38107867630a
Parents: aede8c1
Author: Jian He <jia...@apache.org>
Authored: Wed Apr 6 16:13:47 2016 -0700
Committer: Jian He <jia...@apache.org>
Committed: Wed Apr 6 16:13:47 2016 -0700

----------------------------------------------------------------------
 .../security/http/RestCsrfPreventionFilter.java |  2 +-
 .../hadoop/yarn/server/webapp/AppBlock.java     | 20 ++++++++++++++++++++
 .../webapp/CapacitySchedulerPage.java           |  2 ++
 3 files changed, 23 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/93bacda0/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/RestCsrfPreventionFilter.java
----------------------------------------------------------------------
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/RestCsrfPreventionFilter.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/RestCsrfPreventionFilter.java
index c0f7e39..33579b4 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/RestCsrfPreventionFilter.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/RestCsrfPreventionFilter.java
@@ -62,7 +62,7 @@ public class RestCsrfPreventionFilter implements Filter {
   public static final String CUSTOM_METHODS_TO_IGNORE_PARAM =
       "methods-to-ignore";
   static final String  BROWSER_USER_AGENTS_DEFAULT = "^Mozilla.*,^Opera.*";
-  static final String HEADER_DEFAULT = "X-XSRF-HEADER";
+  public static final String HEADER_DEFAULT = "X-XSRF-HEADER";
   static final String  METHODS_TO_IGNORE_DEFAULT = "GET,OPTIONS,HEAD,TRACE";
   private String  headerName = HEADER_DEFAULT;
   private Set<String> methodsToIgnore = null;

http://git-wip-us.apache.org/repos/asf/hadoop/blob/93bacda0/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/AppBlock.java
----------------------------------------------------------------------
diff --git 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/AppBlock.java
 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/AppBlock.java
index 44ed223..69beef2 100644
--- 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/AppBlock.java
+++ 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/AppBlock.java
@@ -24,12 +24,14 @@ import static 
org.apache.hadoop.yarn.webapp.YarnWebParams.WEB_UI_TYPE;
 
 import java.security.PrivilegedExceptionAction;
 import java.util.Collection;
+import java.util.Map;
 
 import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.http.RestCsrfPreventionFilter;
 import org.apache.hadoop.util.StringUtils;
 import org.apache.hadoop.yarn.api.ApplicationBaseProtocol;
 import 
org.apache.hadoop.yarn.api.protocolrecords.GetApplicationAttemptsRequest;
@@ -143,6 +145,7 @@ public class AppBlock extends HtmlBlock {
           .append(" type: 'PUT',")
           .append(" url: '/ws/v1/cluster/apps/").append(aid).append("/state',")
           .append(" contentType: 'application/json',")
+          .append(getCSRFHeaderString(conf))
           .append(" data: '{\"state\":\"KILLED\"}',")
           .append(" dataType: 'json'")
           .append(" }).done(function(data){")
@@ -369,4 +372,21 @@ public class AppBlock extends HtmlBlock {
   protected LogAggregationStatus getLogAggregationStatus() {
     return null;
   }
+
+  public static String getCSRFHeaderString(Configuration conf) {
+    String ret = "";
+    if (conf.getBoolean(YarnConfiguration.RM_CSRF_ENABLED, false)) {
+      ret = " headers : { '";
+      Map<String, String> filterParams = RestCsrfPreventionFilter
+          .getFilterParams(conf, YarnConfiguration.RM_CSRF_PREFIX);
+      if (filterParams
+          .containsKey(RestCsrfPreventionFilter.CUSTOM_HEADER_PARAM)) {
+        ret += filterParams.get(RestCsrfPreventionFilter.CUSTOM_HEADER_PARAM);
+      } else {
+        ret += RestCsrfPreventionFilter.HEADER_DEFAULT;
+      }
+      ret += "' : 'null' },";
+    }
+    return ret;
+  }
 }
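Review bot: The header name read from configuration is appended between single quotes in generated JavaScript without escaping in `getCSRFHeaderString`, so a configured value containing a quote or backslash would break the kill-app script; the file already imports StringEscapeUtils, so `ret += StringEscapeUtils.escapeJavaScript(filterParams.get(RestCsrfPreventionFilter.CUSTOM_HEADER_PARAM));` would close that. The value is set by whoever administers the configuration, so as far as the hunk shows this is hardening rather than a reachable injection. The method is public and is called from another module, so it should carry a Javadoc saying it returns either an empty string or a ` headers : { '<name>' : 'null' },` fragment with a trailing comma, meant to be spliced into a jQuery ajax options object. The fixed value 'null' suggests the filter checks only for the header's presence (not visible here); if so, the protection depends on the RM's cross-origin policy not permitting this header from untrusted origins, which that Javadoc should state.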

http://git-wip-us.apache.org/repos/asf/hadoop/blob/93bacda0/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/CapacitySchedulerPage.java
----------------------------------------------------------------------
diff --git 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/CapacitySchedulerPage.java
 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/CapacitySchedulerPage.java
index 5abc250..bfa081f 100644
--- 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/CapacitySchedulerPage.java
+++ 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/CapacitySchedulerPage.java
@@ -42,6 +42,7 @@ import 
org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.PartitionQueueCa
 import 
org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.PartitionResourcesInfo;
 import org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.ResourceInfo;
 import org.apache.hadoop.yarn.server.security.ApplicationACLsManager;
+import org.apache.hadoop.yarn.server.webapp.AppBlock;
 import org.apache.hadoop.yarn.util.Times;
 import org.apache.hadoop.yarn.util.resource.Resources;
 import org.apache.hadoop.yarn.webapp.ResponseInfo;
@@ -357,6 +358,7 @@ class CapacitySchedulerPage extends RmView {
           .append(" type: 'POST',")
           .append(" url: '/ws/v1/cluster/scheduler/logs',")
           .append(" contentType: 'text/plain',")
+          .append(AppBlock.getCSRFHeaderString(rm.getConfig()))
           .append(" data: 'time=' + timePeriod,")
           .append(" dataType: 'text'")
           .append(" }).done(function(data){")
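Review bot: The call `AppBlock.getCSRFHeaderString(rm.getConfig())` makes the scheduler page depend on AppBlock for a helper unrelated to application rendering; moving the method to a shared webapp utility class would keep the two pages decoupled. Other state-changing ajax calls in the RM UI are not visible here; if any exist, they would need the same fragment once the filter is enabled. A comment at this call site such as `// header name must match the one enforced by RestCsrfPreventionFilter` would make that dependency visible. The enclosing method starts and ends outside the hunk.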
