Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HADOOP-12584. Disable browsing the static directory in HttpServer2. Contributed by Robert Kanter. 

(cherry picked from commit 9c89bcd04212543ae279d34938ec2ad319e5ba6d)
(cherry picked from commit 6f80be98758ff5d53a192f86ada6cc4062fcdef8)
This commit is contained in:
Akira Ajisaka 2016-01-12 13:30:58 +09:00
parent 74c05e5359
commit 3fced13eae
3 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hadoop-common-project/hadoop-common/CHANGES.txt
View File

@ -917,6 +917,9 @@ Release 2.8.0 - UNRELEASED
HADOOP-12551. Introduce FileNotFoundException for WASB FileSystem API HADOOP-12551. Introduce FileNotFoundException for WASB FileSystem API
(Dushyanth via cnauroth) (Dushyanth via cnauroth)
HADOOP-12584. Disable browsing the static directory in HttpServer2.
(Robert Kanter via aajisaka)
Release 2.7.3 - UNRELEASED Release 2.7.3 - UNRELEASED
INCOMPATIBLE CHANGES INCOMPATIBLE CHANGES

3
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
View File

@ -571,6 +571,9 @@ public final class HttpServer2 implements FilterContainer {
staticContext.setResourceBase(appDir + "/static"); staticContext.setResourceBase(appDir + "/static");
staticContext.addServlet(DefaultServlet.class, "/*"); staticContext.addServlet(DefaultServlet.class, "/*");
staticContext.setDisplayName("static"); staticContext.setDisplayName("static");
@SuppressWarnings("unchecked")
Map<String, String> params = staticContext.getInitParams();
params.put("org.mortbay.jetty.servlet.Default.dirAllowed", "false");
SessionHandler handler = new SessionHandler(); SessionHandler handler = new SessionHandler();
SessionManager sm = handler.getSessionManager(); SessionManager sm = handler.getSessionManager();
if (sm instanceof AbstractSessionManager) { if (sm instanceof AbstractSessionManager) {

4
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/webapp/TestWebApp.java
View File

@ -261,7 +261,7 @@ public class TestWebApp {
} }
// This is to test the GuiceFilter should only be applied to webAppContext, // This is to test the GuiceFilter should only be applied to webAppContext,
// not to staticContext and logContext; // not to logContext;
@Test public void testYARNWebAppContext() throws Exception { @Test public void testYARNWebAppContext() throws Exception {
// setting up the log context // setting up the log context
System.setProperty("hadoop.log.dir", "/Not/Existing/dir"); System.setProperty("hadoop.log.dir", "/Not/Existing/dir");
@ -272,8 +272,6 @@ public class TestWebApp {
}); });
String baseUrl = baseUrl(app); String baseUrl = baseUrl(app);
try { try {
// should not redirect to foo
assertFalse("foo".equals(getContent(baseUrl +"static").trim()));
// Not able to access a non-existing dir, should not redirect to foo. // Not able to access a non-existing dir, should not redirect to foo.
assertEquals(404, getResponseCode(baseUrl +"logs")); assertEquals(404, getResponseCode(baseUrl +"logs"));
// should be able to redirect to foo. // should be able to redirect to foo.