[
https://issues.apache.org/jira/browse/HADOOP-5820?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tsz Wo (Nicholas), SZE updated HADOOP-5820:
-------------------------------------------
Resolution: Fixed
Status: Resolved (was: Patch Available)
I tested the web pages manually. Everything is working fine.
I have committed this.
> Fix findbugs warnings for http related codes in hdfs
> ----------------------------------------------------
>
> Key: HADOOP-5820
> URL: https://issues.apache.org/jira/browse/HADOOP-5820
> Project: Hadoop Core
> Issue Type: Bug
> Components: dfs
> Reporter: Tsz Wo (Nicholas), SZE
> Assignee: Tsz Wo (Nicholas), SZE
> Fix For: 0.21.0
>
> Attachments: 5820_20090513.patch
>
>
> There are a few findbugs warnings:
> - HRS HTTP parameter directly written to HTTP header output in
> org.apache.hadoop.hdfs.server.namenode.StreamFile.doGet(HttpServletRequest,
> HttpServletResponse)
> - XSS HTTP parameter directly written to JSP output, giving reflected XSS
> vulnerability in org.apache.hadoop.hdfs.server.datanode.browseBlock_jsp
> - XSS HTTP parameter directly written to JSP output, giving reflected XSS
> vulnerability in org.apache.hadoop.hdfs.server.datanode.browseBlock_jsp
> - XSS HTTP parameter directly written to JSP output, giving reflected XSS
> vulnerability in org.apache.hadoop.hdfs.server.datanode.browseDirectory_jsp
> - XSS HTTP parameter directly written to JSP output, giving reflected XSS
> vulnerability in org.apache.hadoop.hdfs.server.datanode.tail_jsp
> - XSS HTTP parameter directly written to JSP output, giving reflected XSS
> vulnerability in org.apache.hadoop.hdfs.server.datanode.tail_jsp
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
