Repository: hadoop Updated Branches: refs/heads/branch-2 04d325aff -> 1e40cbba7
YARN-2511. Allowed all origins by default when CrossOriginFilter is enabled. Contributed by Jonathan Eagles. (cherry picked from commit 51a4faf52199b181471d591a9fde900fc166fc48) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/1e40cbba Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/1e40cbba Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/1e40cbba Branch: refs/heads/branch-2 Commit: 1e40cbba7f0ac402328819d3fb8f09e11595117f Parents: 04d325a Author: Zhijie Shen <zjs...@apache.org> Authored: Thu Sep 4 15:01:01 2014 -0700 Committer: Zhijie Shen <zjs...@apache.org> Committed: Thu Sep 4 15:03:50 2014 -0700 ---------------------------------------------------------------------- hadoop-yarn-project/CHANGES.txt | 3 +++ .../server/timeline/webapp/CrossOriginFilter.java | 10 +++++++--- .../timeline/webapp/TestCrossOriginFilter.java | 15 +++++++++++++++ 3 files changed, 25 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/1e40cbba/hadoop-yarn-project/CHANGES.txt ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/CHANGES.txt b/hadoop-yarn-project/CHANGES.txt index 7f7f367..b7e092a 100644 --- a/hadoop-yarn-project/CHANGES.txt +++ b/hadoop-yarn-project/CHANGES.txt @@ -155,6 +155,9 @@ Release 2.6.0 - UNRELEASED YARN-2509. Enable Cross Origin Filter for timeline server only and not all Yarn servers (Mit Desai via jeagles) + YARN-2511. Allowed all origins by default when CrossOriginFilter is + enabled. (Jonathan Eagles via zjshen) + OPTIMIZATIONS BUG FIXES http://git-wip-us.apache.org/repos/asf/hadoop/blob/1e40cbba/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/timeline/webapp/CrossOriginFilter.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/timeline/webapp/CrossOriginFilter.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/timeline/webapp/CrossOriginFilter.java index a9fb3e8..d71175f 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/timeline/webapp/CrossOriginFilter.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/timeline/webapp/CrossOriginFilter.java @@ -76,6 +76,7 @@ public class CrossOriginFilter implements Filter { private List<String> allowedMethods = new ArrayList<String>(); private List<String> allowedHeaders = new ArrayList<String>(); private List<String> allowedOrigins = new ArrayList<String>(); + private boolean allowAllOrigins = true; private String maxAge; @Override @@ -171,7 +172,9 @@ public class CrossOriginFilter implements Filter { } allowedOrigins = Arrays.asList(allowedOriginsConfig.trim().split("\\s*,\\s*")); + allowAllOrigins = allowedOrigins.contains("*"); LOG.info("Allowed Origins: " + StringUtils.join(allowedOrigins, ',')); + LOG.info("Allow All Origins: " + allowAllOrigins); } private void initializeMaxAge(FilterConfig filterConfig) { @@ -199,8 +202,9 @@ public class CrossOriginFilter implements Filter { return origin != null; } - private boolean isOriginAllowed(String origin) { - return allowedOrigins.contains(origin); + @VisibleForTesting + boolean isOriginAllowed(String origin) { + return allowAllOrigins || allowedOrigins.contains(origin); } private boolean areHeadersAllowed(String accessControlRequestHeaders) { @@ -213,7 +217,7 @@ public class CrossOriginFilter implements Filter { private boolean isMethodAllowed(String accessControlRequestMethod) { if (accessControlRequestMethod == null) { - return false; + return true; } return allowedMethods.contains(accessControlRequestMethod); } http://git-wip-us.apache.org/repos/asf/hadoop/blob/1e40cbba/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestCrossOriginFilter.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestCrossOriginFilter.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestCrossOriginFilter.java index a29e4a0..f666c21 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestCrossOriginFilter.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestCrossOriginFilter.java @@ -31,6 +31,7 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.junit.Assert; import org.junit.Test; import static org.mockito.Mockito.when; @@ -66,6 +67,20 @@ public class TestCrossOriginFilter { } @Test + public void testAllowAllOrigins() throws ServletException, IOException { + + // Setup the configuration settings of the server + Map<String, String> conf = new HashMap<String, String>(); + conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "*"); + FilterConfig filterConfig = new FilterConfigTest(conf); + + // Object under test + CrossOriginFilter filter = new CrossOriginFilter(); + filter.init(filterConfig); + Assert.assertTrue(filter.isOriginAllowed("example.org")); + } + + @Test public void testDisallowedOrigin() throws ServletException, IOException { // Setup the configuration settings of the server