[ https://issues.apache.org/jira/browse/YARN-3654?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14554303#comment-14554303 ]
Hudson commented on YARN-3654: ------------------------------ FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #202 (See [https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/202/]) YARN-3654. ContainerLogsPage web UI should not have meta-refresh. Contributed by Xuan Gong (jianhe: rev 6329bd00fa1f17cc9555efa496ea7607ad93e0ce) * hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/webapp/NMController.java * hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/webapp/ContainerLogsPage.java * hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/webapp/NMWebAppFilter.java * hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/webapp/WebServer.java * hadoop-yarn-project/CHANGES.txt > ContainerLogsPage web UI should not have meta-refresh > ----------------------------------------------------- > > Key: YARN-3654 > URL: https://issues.apache.org/jira/browse/YARN-3654 > Project: Hadoop YARN > Issue Type: Bug > Components: yarn > Affects Versions: 2.7.1 > Reporter: Xuan Gong > Assignee: Xuan Gong > Fix For: 2.8.0 > > Attachments: YARN-3654.1.patch, YARN-3654.2.patch > > > Currently, When we try to find the container logs for the finished > application, it will re-direct to the url which we re-configured for > yarn.log.server.url in yarn-site.xml. But in ContainerLogsPage, we are using > meta-refresh: > {code} > set(TITLE, join("Redirecting to log server for ", $(CONTAINER_ID))); > html.meta_http("refresh", "1; url=" + redirectUrl); > {code} > which is not good for some browsers which need to enable the meta-refresh in > their security setting, especially for IE which meta-refresh is considered a > security hole. -- This message was sent by Atlassian JIRA (v6.3.4#6332)