[
https://issues.apache.org/jira/browse/YARN-10336?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17175700#comment-17175700
]
Íñigo Goiri commented on YARN-10336:
------------------------------------
The tests looks good, couple minor things:
* Add license to the file.
* Add javadoc to the tests.
* For the map, you can use:
https://docs.oracle.com/javase/7/docs/api/java/util/Collections.html#singletonMap(K,%20V)
> RM page should throw exception when command injected in RM REST API to get
> applications
> ---------------------------------------------------------------------------------------
>
> Key: YARN-10336
> URL: https://issues.apache.org/jira/browse/YARN-10336
> Project: Hadoop YARN
> Issue Type: Bug
> Reporter: Rajshree Mishra
> Assignee: Bilwa S T
> Priority: Major
> Attachments: CommandInject.jpg, RM_UI.jpg, YARN-10336.001.patch,
> YARN-10336.002.patch, testproof.png
>
>
> Using a web application attacking, we see that injecting commands like
> ACCEPTED, FAILED and FINISHED to RM REST API does not throw an exception.
> Refer images.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
