[
https://issues.apache.org/jira/browse/YARN-11661?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Susheel Gupta resolved YARN-11661.
----------------------------------
Hadoop Flags: Reviewed
Resolution: Workaround
Closing this as workaround exists.
> Adding new property to configure the "SameSite" cookie attribute on YARN UI
> ----------------------------------------------------------------------------
>
> Key: YARN-11661
> URL: https://issues.apache.org/jira/browse/YARN-11661
> Project: Hadoop YARN
> Issue Type: Improvement
> Components: yarn
> Reporter: Susheel Gupta
> Assignee: Susheel Gupta
> Priority: Major
>
> If we use 'SameSite=Strict,' the browser would only send the cookie for
> same-site requests, rendering cross-site sessions ineffective.
> However, it’s worth noting that while using SameSite=None with TLS does
> enhance the security of your cookies compared to using it without TLS, it
> doesn’t provide complete security. Nevertheless, considering the necessity
> for cross-site sessions, utilizing SameSite=None along with TLS can provide a
> reasonable level of security.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-dev-h...@hadoop.apache.org
