[ https://issues.apache.org/jira/browse/HIVE-21902?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16868399#comment-16868399 ]
Hive QA commented on HIVE-21902: -------------------------------- Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12972294/HIVE-21902.patch {color:red}ERROR:{color} -1 due to no test(s) being added or modified. {color:red}ERROR:{color} -1 due to 1 failed/errored test(s), 16173 tests executed *Failed tests:* {noformat} org.apache.hadoop.hive.common.metrics.metrics2.TestCodahaleMetrics.testFileReporting (batchId=297) {noformat} Test results: https://builds.apache.org/job/PreCommit-HIVE-Build/17668/testReport Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/17668/console Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-17668/ Messages: {noformat} Executing org.apache.hive.ptest.execution.TestCheckPhase Executing org.apache.hive.ptest.execution.PrepPhase Executing org.apache.hive.ptest.execution.YetusPhase Executing org.apache.hive.ptest.execution.ExecutionPhase Executing org.apache.hive.ptest.execution.ReportingPhase Tests exited with: TestsFailedException: 1 tests failed {noformat} This message is automatically generated. ATTACHMENT ID: 12972294 - PreCommit-HIVE-Build > HiveServer2 UI: Adding X-XSS-Protection, X-Content-Type-Options to jetty > response header > ---------------------------------------------------------------------------------------- > > Key: HIVE-21902 > URL: https://issues.apache.org/jira/browse/HIVE-21902 > Project: Hive > Issue Type: Bug > Reporter: Rajkumar Singh > Assignee: Rajkumar Singh > Priority: Major > Attachments: HIVE-21902.patch > > > some vulnerability are reported for webserver ui > X-Frame-Options or Content-Security-Policy: frame-ancestors HTTP Headers > missing on port 10002. > {code} > GET / HTTP/1.1 > Host: HOSTNAME:10002 > Connection: Keep-Alive > X-XSS-Protection HTTP Header missing on port 10002. > X-Content-Type-Options HTTP Header missing on port 10002. > {code} > after the proposed changes > {code} > HTTP/1.1 200 OK > Date: Thu, 20 Jun 2019 05:29:59 GMT > Content-Type: text/html;charset=utf-8 > X-Content-Type-Options: nosniff > X-FRAME-OPTIONS: SAMEORIGIN > X-XSS-Protection: 1; mode=block > Set-Cookie: JSESSIONID=15kscuow9cmy7qms6dzaxllqt;Path=/ > Expires: Thu, 01 Jan 1970 00:00:00 GMT > Content-Length: 3824 > Server: Jetty(9.3.25.v20180904) > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)