[ https://issues.apache.org/jira/browse/YARN-4009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14791225#comment-14791225 ]
Hitesh Shah commented on YARN-4009: ----------------------------------- Couple of questions: {code} if (!initializers.contains(CrossOriginFilterInitializer.class.getName())) { if(conf.getBoolean(YarnConfiguration .TIMELINE_SERVICE_HTTP_CROSS_ORIGIN_ENABLED, YarnConfiguration .TIMELINE_SERVICE_HTTP_CROSS_ORIGIN_ENABLED_DEFAULT)) { initializers = CrossOriginFilterInitializer.class.getName() + "," + initializers; modifiedInitializers = true; } } {code} I see this code in Timeline which makes it easier to enable cross-origin support just for Timeline. I am assuming Timeline also looks at the hadoop filters defined in core-site? What happens when both of these are enabled at the same time with different settings? Not sure if there is a question of selecting enabling cors support for different services such as NN webservices vs RM webservices. Apart from the above, if a global config is good enough, patch looks good. > CORS support for ResourceManager REST API > ----------------------------------------- > > Key: YARN-4009 > URL: https://issues.apache.org/jira/browse/YARN-4009 > Project: Hadoop YARN > Issue Type: Bug > Reporter: Prakash Ramachandran > Assignee: Varun Vasudev > Attachments: YARN-4009.001.patch, YARN-4009.002.patch, > YARN-4009.003.patch, YARN-4009.004.patch > > > Currently the REST API's do not have CORS support. This means any UI (running > in browser) cannot consume the REST API's. For ex Tez UI would like to use > the REST API for getting application, application attempt information exposed > by the API's. > It would be very useful if CORS is enabled for the REST API's. -- This message was sent by Atlassian JIRA (v6.3.4#6332)