This is an automated email from the ASF dual-hosted git repository.
snemeth pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/trunk by this push:
new df30d8e YARN-9727: Allowed Origin pattern is discouraged if regex
contains *. Contributed by Zoltan Siegl
df30d8e is described below
commit df30d8ea092cddc037482bc60fc790b26b577963
Author: Szilard Nemeth <[email protected]>
AuthorDate: Fri Aug 9 09:34:23 2019 +0200
YARN-9727: Allowed Origin pattern is discouraged if regex contains *.
Contributed by Zoltan Siegl
---
.../main/java/org/apache/hadoop/security/http/CrossOriginFilter.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/CrossOriginFilter.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/CrossOriginFilter.java
index 02c168f..60c2864 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/CrossOriginFilter.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/CrossOriginFilter.java
@@ -197,7 +197,7 @@ public class CrossOriginFilter implements Filter {
LOG.info("Allowed Origins: " + StringUtils.join(allowedOrigins, ','));
LOG.info("Allow All Origins: " + allowAllOrigins);
List<String> discouragedAllowedOrigins = allowedOrigins.stream()
- .filter(s -> s.length() > 1 && s.contains("*"))
+ .filter(s -> s.length() > 1 && s.contains("*") &&
!(s.startsWith(ALLOWED_ORIGINS_REGEX_PREFIX)))
.collect(Collectors.toList());
for (String discouragedAllowedOrigin : discouragedAllowedOrigins) {
LOG.warn("Allowed Origin pattern '" + discouragedAllowedOrigin + "' is
discouraged, use the 'regex:' prefix and use a Java regular expression
instead.");
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]