----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/53788/#review156797 -----------------------------------------------------------
Ship it! Ship It! - Vivek Ratnavel Subramanian On Nov. 17, 2016, 6:44 p.m., Anita Jebaraj wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/53788/ > ----------------------------------------------------------- > > (Updated Nov. 17, 2016, 6:44 p.m.) > > > Review request for Ambari, Di Li, Jaimin Jetly, Jonathan Hurley, Robert > Levas, Sangeeta Ravindran, and Yusaku Sako. > > > Bugs: AMBARI-18871 > https://issues.apache.org/jira/browse/AMBARI-18871 > > > Repository: ambari > > > Description > ------- > > The charset information(UTF-8) can be added to all the response headers to > harden the security for the client. When the charset information is not > specified the web browser may choose a different encoding by guessing which > encoding is actually being used by the web page. > > This specific issue is mentioned in the section 3.1.1.5 of RFC7231 > > > Diffs > ----- > > ambari-server/conf/unix/ambari.properties 371653f > ambari-server/conf/windows/ambari.properties e47319e > > ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java > 15f186b > > ambari-server/src/main/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilter.java > 423a013 > > ambari-server/src/main/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilter.java > aa00ac2 > > ambari-server/src/main/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilter.java > d1be8cc > > ambari-server/src/test/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilterTest.java > d812ee6 > > Diff: https://reviews.apache.org/r/53788/diff/ > > > Testing > ------- > > Ran mvn test. > > The test cases failing in hadoop QA is not related to the patch for this jira > > > Thanks, > > Anita Jebaraj > >