Jonathan Eagles commented on YARN-4009:

I have reviewed the patch and have run with the timeline cross origin filter 
for a long time now. From a usage concern, Cross origin support is only needed 
for browser running javascript that reaches out to web services. Is there a 
need to allow the design to enable this only for webservices (REST APIs) 
instead of the whole webserver (builtin UIs and REST apis)? Also, seconding 
[~hitesh]'s comment regarding turning this on per service. Patch looks good 
other that these design questions.

> CORS support for ResourceManager REST API
> -----------------------------------------
>                 Key: YARN-4009
>                 URL: https://issues.apache.org/jira/browse/YARN-4009
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: Prakash Ramachandran
>            Assignee: Varun Vasudev
>         Attachments: YARN-4009.001.patch, YARN-4009.002.patch, 
> YARN-4009.003.patch, YARN-4009.004.patch
> Currently the REST API's do not have CORS support. This means any UI (running 
> in browser) cannot consume the REST API's. For ex Tez UI would like to use 
> the REST API for getting application, application attempt information exposed 
> by the API's. 
> It would be very useful if CORS is enabled for the REST API's.

This message was sent by Atlassian JIRA

Reply via email to