[jira] [Commented] (HIVE-23498) Disable HTTP Trace method on ThriftHttpCliService

Naveen Gangam (Jira) Thu, 21 May 2020 20:14:49 -0700


    [ 
https://issues.apache.org/jira/browse/HIVE-23498?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17113718#comment-17113718
 ]


Naveen Gangam commented on HIVE-23498:
--------------------------------------

[~Rajkumar Singh] Should OPTIONS method also be disabled? or is the 
vulnerability specific to TRACE? Thanks

> Disable HTTP Trace method on ThriftHttpCliService
> -------------------------------------------------
>
>                 Key: HIVE-23498
>                 URL: https://issues.apache.org/jira/browse/HIVE-23498
>             Project: Hive
>          Issue Type: Bug
>          Components: HiveServer2
>    Affects Versions: 3.1.2
>            Reporter: Rajkumar Singh
>            Assignee: Rajkumar Singh
>            Priority: Major
>         Attachments: HIVE-23498.01.patch, HIVE-23498.01.patch, 
> HIVE-23498.patch
>
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (HIVE-23498) Disable HTTP Trace method on ThriftHttpCliService

Reply via email to