[jira] [Commented] (ACCUMULO-4660) Trace servlet on monitor doesn't sanitize URL data
[ https://issues.apache.org/jira/browse/ACCUMULO-4660?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16078182#comment-16078182 ] Josh Elser commented on ACCUMULO-4660: -- Thanks! > Trace servlet on monitor doesn't sanitize URL data > -- > > Key: ACCUMULO-4660 > URL: https://issues.apache.org/jira/browse/ACCUMULO-4660 > Project: Accumulo > Issue Type: Bug > Components: monitor >Reporter: Josh Elser >Assignee: Josh Elser >Priority: Minor > Fix For: 1.7.4, 1.8.2, 2.0.0 > > Time Spent: 1h > Remaining Estimate: 0h > > The trace servlet does not appropriately sanitize incoming data which can > lead to the monitor acting unexpectedly. This is not a large concern as we do > not expect the monitor to run on a network accessible to the public internet. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (ACCUMULO-4660) Trace servlet on monitor doesn't sanitize URL data
[ https://issues.apache.org/jira/browse/ACCUMULO-4660?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16077359#comment-16077359 ] Christopher Tubbs commented on ACCUMULO-4660: - Confirmed PathParam and QueryParam need sanitization in the new REST-based monitor. Will create new issue. > Trace servlet on monitor doesn't sanitize URL data > -- > > Key: ACCUMULO-4660 > URL: https://issues.apache.org/jira/browse/ACCUMULO-4660 > Project: Accumulo > Issue Type: Bug > Components: monitor >Reporter: Josh Elser >Assignee: Josh Elser >Priority: Minor > Fix For: 1.7.4, 1.8.2, 2.0.0 > > Time Spent: 1h > Remaining Estimate: 0h > > The trace servlet does not appropriately sanitize incoming data which can > lead to the monitor acting unexpectedly. This is not a large concern as we do > not expect the monitor to run on a network accessible to the public internet. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (ACCUMULO-4660) Trace servlet on monitor doesn't sanitize URL data
[ https://issues.apache.org/jira/browse/ACCUMULO-4660?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16063995#comment-16063995 ] Christopher Tubbs commented on ACCUMULO-4660: - The ACCUMULO-3005 work will have to be checked for this. [~lstav] > Trace servlet on monitor doesn't sanitize URL data > -- > > Key: ACCUMULO-4660 > URL: https://issues.apache.org/jira/browse/ACCUMULO-4660 > Project: Accumulo > Issue Type: Bug > Components: monitor >Reporter: Josh Elser >Assignee: Josh Elser >Priority: Minor > Fix For: 1.7.4, 1.8.2, 2.0.0 > > Time Spent: 1h > Remaining Estimate: 0h > > The trace servlet does not appropriately sanitize incoming data which can > lead to the monitor acting unexpectedly. This is not a large concern as we do > not expect the monitor to run on a network accessible to the public internet. -- This message was sent by Atlassian JIRA (v6.4.14#64029)