[jira] [Commented] (HBASE-19352) Port HADOOP-10379: Protect authentication cookies with the HttpOnly and Secure flags

Wei-Chiu Chuang (JIRA) Sun, 20 May 2018 12:18:18 -0700

    [ 
https://issues.apache.org/jira/browse/HBASE-19352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16482013#comment-16482013
 ]


Wei-Chiu Chuang commented on HBASE-19352:
-----------------------------------------

HADOOP-11365 (Use Java 7's HttpCookie class to handle Secure and HttpOnly flag) 
is related.

It could make implementation easier use the existing Java API.

> Port HADOOP-10379: Protect authentication cookies with the HttpOnly and 
> Secure flags
> ------------------------------------------------------------------------------------
>
>                 Key: HBASE-19352
>                 URL: https://issues.apache.org/jira/browse/HBASE-19352
>             Project: HBase
>          Issue Type: Bug
>    Affects Versions: 2.0.0
>            Reporter: Esteban Gutierrez
>            Assignee: Esteban Gutierrez
>            Priority: Major
>         Attachments: HBASE-19352.master.v0.patch
>
>
> This came via a security scanner, since we have a fork of HttpServer2 in 
> HBase we should include it too.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (HBASE-19352) Port HADOOP-10379: Protect authentication cookies with the HttpOnly and Secure flags

Reply via email to