Repository: hadoop Updated Branches: refs/heads/HDFS-1312 0b4799e22 -> 637acb6bb
HADOOP-12584. Disable browsing the static directory in HttpServer2. Contributed by Robert Kanter. Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/56b9500b Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/56b9500b Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/56b9500b Branch: refs/heads/HDFS-1312 Commit: 56b9500bbd44b79c3c3be84a17c97502f923c6f8 Parents: 103d3cf Author: Akira Ajisaka <[email protected]> Authored: Tue Jan 12 13:30:58 2016 +0900 Committer: Akira Ajisaka <[email protected]> Committed: Tue Jan 12 13:34:18 2016 +0900 ---------------------------------------------------------------------- hadoop-common-project/hadoop-common/CHANGES.txt | 3 +++ .../src/main/java/org/apache/hadoop/http/HttpServer2.java | 3 +++ .../src/test/java/org/apache/hadoop/yarn/webapp/TestWebApp.java | 4 +--- 3 files changed, 7 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/56b9500b/hadoop-common-project/hadoop-common/CHANGES.txt ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt index 00bef28..6357a09 100644 --- a/hadoop-common-project/hadoop-common/CHANGES.txt +++ b/hadoop-common-project/hadoop-common/CHANGES.txt @@ -1583,6 +1583,9 @@ Release 2.8.0 - UNRELEASED HADOOP-12551. Introduce FileNotFoundException for WASB FileSystem API (Dushyanth via cnauroth) + HADOOP-12584. Disable browsing the static directory in HttpServer2. + (Robert Kanter via aajisaka) + Release 2.7.3 - UNRELEASED INCOMPATIBLE CHANGES http://git-wip-us.apache.org/repos/asf/hadoop/blob/56b9500b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java index b134ba6..458b65d 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java @@ -543,6 +543,9 @@ public final class HttpServer2 implements FilterContainer { staticContext.setResourceBase(appDir + "/static"); staticContext.addServlet(DefaultServlet.class, "/*"); staticContext.setDisplayName("static"); + @SuppressWarnings("unchecked") + Map<String, String> params = staticContext.getInitParams(); + params.put("org.mortbay.jetty.servlet.Default.dirAllowed", "false"); SessionHandler handler = new SessionHandler(); SessionManager sm = handler.getSessionManager(); if (sm instanceof AbstractSessionManager) { http://git-wip-us.apache.org/repos/asf/hadoop/blob/56b9500b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/webapp/TestWebApp.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/webapp/TestWebApp.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/webapp/TestWebApp.java index 6eaeb2b..acec205 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/webapp/TestWebApp.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/webapp/TestWebApp.java @@ -261,7 +261,7 @@ public class TestWebApp { } // This is to test the GuiceFilter should only be applied to webAppContext, - // not to staticContext and logContext; + // not to logContext; @Test public void testYARNWebAppContext() throws Exception { // setting up the log context System.setProperty("hadoop.log.dir", "/Not/Existing/dir"); @@ -272,8 +272,6 @@ public class TestWebApp { }); String baseUrl = baseUrl(app); try { - // should not redirect to foo - assertFalse("foo".equals(getContent(baseUrl +"static").trim())); // Not able to access a non-existing dir, should not redirect to foo. assertEquals(404, getResponseCode(baseUrl +"logs")); // should be able to redirect to foo.
