Alexander Rojas created MESOS-5682:
--------------------------------------
Summary: The /flags endpoints use authorization but there is a
bypass to get their content
Key: MESOS-5682
URL: https://issues.apache.org/jira/browse/MESOS-5682
Project: Mesos
Issue Type: Bug
Components: master, slave
Reporter: Alexander Rojas
Priority: Minor
The {{/flags}} endpoints use authorization in both, master and agent. However
the contents of the flags are available without any need for authorization by
accessing the {{/state}} endpoints on both, master and agents.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
