[ 
https://issues.apache.org/jira/browse/YARN-4009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14791251#comment-14791251
 ] 

Jonathan Eagles commented on YARN-4009:
---------------------------------------

I have reviewed the patch and have run with the timeline cross origin filter 
for a long time now. From a usage concern, Cross origin support is only needed 
for browser running javascript that reaches out to web services. Is there a 
need to allow the design to enable this only for webservices (REST APIs) 
instead of the whole webserver (builtin UIs and REST apis)? Also, seconding 
[~hitesh]'s comment regarding turning this on per service. Patch looks good 
other that these design questions.

> CORS support for ResourceManager REST API
> -----------------------------------------
>
>                 Key: YARN-4009
>                 URL: https://issues.apache.org/jira/browse/YARN-4009
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: Prakash Ramachandran
>            Assignee: Varun Vasudev
>         Attachments: YARN-4009.001.patch, YARN-4009.002.patch, 
> YARN-4009.003.patch, YARN-4009.004.patch
>
>
> Currently the REST API's do not have CORS support. This means any UI (running 
> in browser) cannot consume the REST API's. For ex Tez UI would like to use 
> the REST API for getting application, application attempt information exposed 
> by the API's. 
> It would be very useful if CORS is enabled for the REST API's.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to