Re: Review Request 53788: HTTP responses needs to have the character encoding specified in the content type header

Wed, 23 Nov 2016 15:10:22 -0800 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/53788/#review156797
-----------------------------------------------------------


Ship it!




Ship It!

- Vivek Ratnavel Subramanian


On Nov. 17, 2016, 6:44 p.m., Anita Jebaraj wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/53788/
> -----------------------------------------------------------
> 
> (Updated Nov. 17, 2016, 6:44 p.m.)
> 
> 
> Review request for Ambari, Di Li, Jaimin Jetly, Jonathan Hurley, Robert 
> Levas, Sangeeta Ravindran, and Yusaku Sako.
> 
> 
> Bugs: AMBARI-18871
>     https://issues.apache.org/jira/browse/AMBARI-18871
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> The charset information(UTF-8) can be added to all the response headers to 
> harden the security for the client. When the charset information is not 
> specified the web browser may choose a different encoding by guessing which 
> encoding is actually being used by the web page.
> 
> This specific issue is mentioned in the section 3.1.1.5 of RFC7231
> 
> 
> Diffs
> -----
> 
>   ambari-server/conf/unix/ambari.properties 371653f 
>   ambari-server/conf/windows/ambari.properties e47319e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  15f186b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilter.java
>  423a013 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilter.java
>  aa00ac2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilter.java
>  d1be8cc 
>   
> ambari-server/src/test/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilterTest.java
>  d812ee6 
> 
> Diff: https://reviews.apache.org/r/53788/diff/
> 
> 
> Testing
> -------
> 
> Ran mvn test.
> 
> The test cases failing in hadoop QA is not related to the patch for this jira
> 
> 
> Thanks,
> 
> Anita Jebaraj
> 
>

Reply via email to