From 2bfa57488bfdddd6abf4b37c85be81db886bf001 Mon Sep 17 00:00:00 2001 From: Andrew Wang Date: Mon, 6 Mar 2017 10:47:15 -0800 Subject: [PATCH] HDFS-11441. Add escaping to error message in KMS web UI. Contributed by Aaron T. Myers. (cherry picked from commit ec839b94c0eb3f09e74f8a3b0bc9a08b3f5418b2) (cherry picked from commit cf5a1390aac7189cffbe1b96accb6a626a2d4a8f) --- .../hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java b/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java index bb7b337986e..a791d03c375 100644 --- a/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java +++ b/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java @@ -20,6 +20,7 @@ package org.apache.hadoop.crypto.key.kms.server; import org.apache.hadoop.classification.InterfaceAudience; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.crypto.key.kms.KMSDelegationToken; +import org.apache.hadoop.http.HtmlQuoting; import org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler; import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler; import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationFilter; @@ -105,7 +106,7 @@ public class KMSAuthenticationFilter public void sendError(int sc, String msg) throws IOException { statusCode = sc; this.msg = msg; - super.sendError(sc, msg); + super.sendError(sc, HtmlQuoting.quoteHtmlChars(msg)); } @Override