[ https://issues.apache.org/jira/browse/SPARK-24522?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Imran Rashid resolved SPARK-24522. ---------------------------------- Resolution: Fixed Fix Version/s: 3.0.0 Issue resolved by pull request 23302 [https://github.com/apache/spark/pull/23302] > Centralize code to deal with security-related HTTP features > ----------------------------------------------------------- > > Key: SPARK-24522 > URL: https://issues.apache.org/jira/browse/SPARK-24522 > Project: Spark > Issue Type: Improvement > Components: Web UI > Affects Versions: 2.4.0 > Reporter: Marcelo Vanzin > Assignee: Marcelo Vanzin > Priority: Major > Fix For: 3.0.0 > > > Currently there's code scattered in a few places to deal with different > HTTP-related security features, such as XSS protection. > The current approach makes it hard to verify that these are applied uniformly > across all of Spark. > We should centralize this code and enforce that it's applied to all UI > handlers. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org