[ https://issues.apache.org/jira/browse/YARN-4737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15172067#comment-15172067 ]
Varun Vasudev edited comment on YARN-4737 at 2/29/16 4:11 PM: -------------------------------------------------------------- [~jmaron] - to my knowledge the only web UI that uses the web services call via javascript is the Tez UI. There is a branch to change the RM UI to use javascript and web services as well. However, all of these should be using GET calls only so I suspect they won't be affected by this change. was (Author: vvasudev): [~jmaron] - to my knowledge the only web UI that uses the web services call via javascript is the Tez UI. However there is a branch to change the RM UI to use javascript and web services as well. > Use CSRF Filter in YARN > ----------------------- > > Key: YARN-4737 > URL: https://issues.apache.org/jira/browse/YARN-4737 > Project: Hadoop YARN > Issue Type: Bug > Components: nodemanager, resourcemanager, webapp > Reporter: Jonathan Maron > Assignee: Jonathan Maron > Attachments: YARN-4737.patch.001 > > > A CSRF filter was added to hadoop common > (https://issues.apache.org/jira/browse/HADOOP-12691). The aim of this JIRA > is to come up with a mechanism to integrate this filter into the webapps for > which it is applicable (web apps that may establish an authenticated > identity). That includes the RM, NM, and mapreduce jobhistory web app. -- This message was sent by Atlassian JIRA (v6.3.4#6332)