[ https://issues.apache.org/jira/browse/HADOOP-14908?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16190051#comment-16190051 ]
Allen Wittenauer commented on HADOOP-14908: ------------------------------------------- +1 committing this to trunk > CrossOriginFilter should trigger regex on more input > ---------------------------------------------------- > > Key: HADOOP-14908 > URL: https://issues.apache.org/jira/browse/HADOOP-14908 > Project: Hadoop Common > Issue Type: Improvement > Components: common, security > Affects Versions: 3.0.0-beta1 > Reporter: Allen Wittenauer > Assignee: Johannes Alberti > Attachments: HADOOP-14908-PR279.patch > > > Currently, CrossOriginFilter.java limits regex matching only if there is an > asterisk (\*) in the config. > {code} > if (allowedOrigin.contains("*")) { > {code} > This means that entries such as: > {code} > http?://foo.example.com > https://[a-z][0-9].example.com > {code} > ... and other patterns that succinctly limit the input space need to either > be fully expanded or dramatically have their space increased by using an > asterisk in order to pass through the filter. -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org