Andrew Sherman has posted comments on this change. ( http://gerrit.cloudera.org:8080/21700 )
Change subject: IMPALA-13310 Add the value of the http 'X-Forwarded-For' header to the runtime profile ...................................................................... Patch Set 1: (1 comment) http://gerrit.cloudera.org:8080/#/c/21700/1/be/src/rpc/authentication.cc File be/src/rpc/authentication.cc: http://gerrit.cloudera.org:8080/#/c/21700/1/be/src/rpc/authentication.cc@641 PS1, Line 641: connection_context->http_origin = origin; > Since this may be crafted by user himself though --hs2_x_forward arg, shoul This is a good question! In the case of this change all we are doing is reporting what is set. So the new code does not use this value affect any logic. Earlier code (trusted_domain_use_xff_header) does allow the header to be used for logic purposes and this does not seem to do any validating beyond stripping white space. So my inclination is to not add any sanitization, I have updated the commit msg to be clearer that none is done. What do you think? -- To view, visit http://gerrit.cloudera.org:8080/21700 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I2e010cfb09674c5d043ef915347c3836696e03cf Gerrit-Change-Number: 21700 Gerrit-PatchSet: 1 Gerrit-Owner: Andrew Sherman <[email protected]> Gerrit-Reviewer: Andrew Sherman <[email protected]> Gerrit-Reviewer: Impala Public Jenkins <[email protected]> Gerrit-Reviewer: Riza Suminto <[email protected]> Gerrit-Comment-Date: Mon, 26 Aug 2024 18:35:31 +0000 Gerrit-HasComments: Yes
