diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java index af66ee56776..fb6817e4daa 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java @@ -216,8 +216,11 @@ protected void setHandlerAuthMethod(SaslRpcServer.AuthMethod authMethod) { @VisibleForTesting static String getDoAs(HttpServletRequest request) { - List list = URLEncodedUtils.parse(request.getQueryString(), - UTF8_CHARSET); + String queryString = request.getQueryString(); + if (queryString == null) { + return null; + } + List list = URLEncodedUtils.parse(queryString, UTF8_CHARSET); if (list != null) { for (NameValuePair nv : list) { if (DelegationTokenAuthenticatedURL.DO_AS. diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/ServletUtils.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/ServletUtils.java index 16137accc80..078dfa44bdd 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/ServletUtils.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/ServletUtils.java @@ -45,8 +45,11 @@ class ServletUtils { */ public static String getParameter(HttpServletRequest request, String name) throws IOException { - List list = URLEncodedUtils.parse(request.getQueryString(), - UTF8_CHARSET); + String queryString = request.getQueryString(); + if (queryString == null) { + return null; + } + List list = URLEncodedUtils.parse(queryString, UTF8_CHARSET); if (list != null) { for (NameValuePair nv : list) { if (name.equals(nv.getName())) { diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml index fcadfce45fd..043e5581a20 100644 --- a/hadoop-project/pom.xml +++ b/hadoop-project/pom.xml @@ -457,12 +457,12 @@ org.apache.httpcomponents httpclient - 4.2.5 + 4.5.2 org.apache.httpcomponents httpcore - 4.2.5 + 4.4.4 commons-codec diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-web-proxy/src/main/java/org/apache/hadoop/yarn/server/webproxy/WebAppProxyServlet.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-web-proxy/src/main/java/org/apache/hadoop/yarn/server/webproxy/WebAppProxyServlet.java index 9d64667b4c9..0b621aa182a 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-web-proxy/src/main/java/org/apache/hadoop/yarn/server/webproxy/WebAppProxyServlet.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-web-proxy/src/main/java/org/apache/hadoop/yarn/server/webproxy/WebAppProxyServlet.java @@ -423,11 +423,14 @@ private void methodAction(final HttpServletRequest req, // Append the user-provided path and query parameter to the original // tracking url. - List queryPairs = - URLEncodedUtils.parse(req.getQueryString(), null); UriBuilder builder = UriBuilder.fromUri(trackingUri); - for (NameValuePair pair : queryPairs) { - builder.queryParam(pair.getName(), pair.getValue()); + String queryString = req.getQueryString(); + if (queryString != null) { + List queryPairs = + URLEncodedUtils.parse(queryString, null); + for (NameValuePair pair : queryPairs) { + builder.queryParam(pair.getName(), pair.getValue()); + } } URI toFetch = builder.path(rest).build();