[ https://issues.apache.org/jira/browse/HADOOP-5442?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12682405#action_12682405 ]
Amar Kamat commented on HADOOP-5442:
------------------------------------
Result of test-patch
{code}
[exec] -1 overall.
[exec]
[exec] +1 @author. The patch does not contain any @author tags.
[exec]
[exec] -1 tests included. The patch doesn't appear to include any new or modified tests.
[exec] Please justify why no tests are needed for this patch.
[exec]
[exec] +1 javadoc. The javadoc tool did not generate any warning messages.
[exec]
[exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings.
[exec]
[exec] -1 findbugs. The patch appears to introduce 1 new Findbugs warnings.
[exec]
[exec] +1 Eclipse classpath. The patch retains Eclipse classpath integrity.
[exec]
[exec] +1 release audit. The applied patch does not increase the total number of release audit warnings.
{code}
The findbugs warning is
{noformat}
HTTP parameter directly written to JSP output, giving reflected XSS vulnerability in org.apache.hadoop.mapred.jobhistory_jsp
In class org.apache.hadoop.mapred.jobhistory_jsp
In method org.apache.hadoop.mapred.jobhistory_jsp._jspService(HttpServletRequest, HttpServletResponse)
Parameter 'search' Value generated at jobhistory_jsp.java:[line 146]
At jobhistory_jsp.java:[line 226]
Another occurrence at jobhistory_jsp.java:[line 249]
Another occurrence at jobhistory_jsp.java:[line 253]
Another occurrence at jobhistory_jsp.java:[line 260]
{noformat}
Here the search string is passed across pages.
> The job history display needs to be paged
> ------------------------------------------
>
> Key: HADOOP-5442
> URL: https://issues.apache.org/jira/browse/HADOOP-5442
> Project: Hadoop Core
> Issue Type: Bug
> Reporter: Owen O'Malley
> Assignee: Amar Kamat
> Attachments: HADOOP-5442-v1.12.patch, HADOOP-5442-v1.6.patch,
> HADOOP-5442-v1.9.patch
>
>
> Currently the list of job history will try to render the entire list of jobs
> that have run. That doesn't scale up as more and more jobs run on a job
> tracker.