[hadoop] branch trunk updated: YARN-9727: Allowed Origin pattern is discouraged if regex contains *. Contributed by Zoltan Siegl

Fri, 09 Aug 2019 00:35:21 -0700 

This is an automated email from the ASF dual-hosted git repository.

snemeth pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/hadoop.git


The following commit(s) were added to refs/heads/trunk by this push:
     new df30d8e  YARN-9727: Allowed Origin pattern is discouraged if regex 
contains *. Contributed by Zoltan Siegl
df30d8e is described below

commit df30d8ea092cddc037482bc60fc790b26b577963
Author: Szilard Nemeth <snem...@apache.org>
AuthorDate: Fri Aug 9 09:34:23 2019 +0200

    YARN-9727: Allowed Origin pattern is discouraged if regex contains *. 
Contributed by Zoltan Siegl
---
 .../main/java/org/apache/hadoop/security/http/CrossOriginFilter.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/CrossOriginFilter.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/CrossOriginFilter.java
index 02c168f..60c2864 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/CrossOriginFilter.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/http/CrossOriginFilter.java
@@ -197,7 +197,7 @@ public class CrossOriginFilter implements Filter {
     LOG.info("Allowed Origins: " + StringUtils.join(allowedOrigins, ','));
     LOG.info("Allow All Origins: " + allowAllOrigins);
     List<String> discouragedAllowedOrigins = allowedOrigins.stream()
-            .filter(s -> s.length() > 1 && s.contains("*"))
+            .filter(s -> s.length() > 1 && s.contains("*") && 
!(s.startsWith(ALLOWED_ORIGINS_REGEX_PREFIX)))
             .collect(Collectors.toList());
     for (String discouragedAllowedOrigin : discouragedAllowedOrigins) {
         LOG.warn("Allowed Origin pattern '" + discouragedAllowedOrigin + "' is 
discouraged, use the 'regex:' prefix and use a Java regular expression 
instead.");


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-commits-h...@hadoop.apache.org

Reply via email to