[
https://issues.apache.org/jira/browse/HADOOP-12234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14636135#comment-14636135
]
Apekshit Sharma commented on HADOOP-12234:
------------------------------------------
bq. Please update your patch to maintain the original authorship and license
header (see the source header policy for details, under "third party works").
Also please add the appropriate addition to the top-level LICENSE.txt file.
Sorry, didn't know about licensing stuff. Fixed now. Since tests were written
by me, they still have the apache license.
Please let me know if it needs to be back-ported to other branches.
Thanks.
> Web UI Framable Page
> --------------------
>
> Key: HADOOP-12234
> URL: https://issues.apache.org/jira/browse/HADOOP-12234
> Project: Hadoop Common
> Issue Type: Bug
> Reporter: Apekshit Sharma
> Assignee: Apekshit Sharma
> Attachments: HADOOP-12234-v2-master.patch, HADOOP-12234.patch
>
>
> The web UIs do not include the "X-Frame-Options" header to prevent the pages
> from being framed from another site.
> Reference:
> https://www.owasp.org/index.php/Clickjacking
> https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet
> https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
