[
https://issues.apache.org/jira/browse/MAPREDUCE-3804?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13201652#comment-13201652
]
Robert Joseph Evans commented on MAPREDUCE-3804:
------------------------------------------------
The patch looks good to me +1. Could you please file a separate JIRA for the
failure in
org.apache.hadoop.yarn.server.nodemanager.containermanager.monitor.TestContainersMonitor.
It appears to not be related to this fix at all, but I could not find another
JIRA for it, even though I found others where it also failed for them.
> yarn webapp interface vulnerable to cross scripting attacks
> -----------------------------------------------------------
>
> Key: MAPREDUCE-3804
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-3804
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Components: jobhistoryserver, mrv2, resourcemanager
> Affects Versions: 0.23.0
> Reporter: Dave Thompson
> Assignee: Dave Thompson
> Fix For: 0.23.1
>
> Attachments: MAPREDUCE-3804.patch, MAPREDUCE-3804.patch,
> MAPREDUCE_3804_br_0.23.0.patch
>
>
> Yarn webapp interface may be vulnerable to certain cross scripting attacks,
> injected through URL request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
