[
https://issues.apache.org/jira/browse/HBASE-15187?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15127170#comment-15127170
]
Ted Yu commented on HBASE-15187:
--------------------------------
bq. Is it possible to use this method instead of adding the extra parameter
In the modified tests, REST calls with and without extra header are interleaved.
This means wrapping calls which are supposed to carry extra header with calls
to addExtraHeader() / removeExtraHeader()
In my opinion, that is not as concise as the current formation.
I can modify post() with extraHdr parameter if you think my thinking is
plausible.
> Integrate CSRF prevention filter to REST gateway
> ------------------------------------------------
>
> Key: HBASE-15187
> URL: https://issues.apache.org/jira/browse/HBASE-15187
> Project: HBase
> Issue Type: Bug
> Reporter: Ted Yu
> Assignee: Ted Yu
> Attachments: HBASE-15187.v1.patch, HBASE-15187.v2.patch
>
>
> HADOOP-12691 introduced a filter in Hadoop Common to help REST APIs guard
> against cross-site request forgery attacks.
> This issue tracks the integration of that filter into HBase REST gateway.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
