HADOOP-12584. Disable browsing the static directory in HttpServer2. Contributed by Robert Kanter.

(cherry picked from commit 9c89bcd04212543ae279d34938ec2ad319e5ba6d)
This commit is contained in:
Akira Ajisaka 2016-01-12 13:30:58 +09:00
parent c5f63e637a
commit df95343047
3 changed files with 7 additions and 3 deletions

View File

@ -956,6 +956,9 @@ Release 2.8.0 - UNRELEASED
HADOOP-12551. Introduce FileNotFoundException for WASB FileSystem API HADOOP-12551. Introduce FileNotFoundException for WASB FileSystem API
(Dushyanth via cnauroth) (Dushyanth via cnauroth)
HADOOP-12584. Disable browsing the static directory in HttpServer2.
(Robert Kanter via aajisaka)
Release 2.7.3 - UNRELEASED Release 2.7.3 - UNRELEASED
INCOMPATIBLE CHANGES INCOMPATIBLE CHANGES

View File

@ -575,6 +575,9 @@ public final class HttpServer2 implements FilterContainer {
staticContext.setResourceBase(appDir + "/static"); staticContext.setResourceBase(appDir + "/static");
staticContext.addServlet(DefaultServlet.class, "/*"); staticContext.addServlet(DefaultServlet.class, "/*");
staticContext.setDisplayName("static"); staticContext.setDisplayName("static");
@SuppressWarnings("unchecked")
Map<String, String> params = staticContext.getInitParams();
params.put("org.mortbay.jetty.servlet.Default.dirAllowed", "false");
SessionHandler handler = new SessionHandler(); SessionHandler handler = new SessionHandler();
SessionManager sm = handler.getSessionManager(); SessionManager sm = handler.getSessionManager();
if (sm instanceof AbstractSessionManager) { if (sm instanceof AbstractSessionManager) {

View File

@ -261,7 +261,7 @@ public class TestWebApp {
} }
// This is to test the GuiceFilter should only be applied to webAppContext, // This is to test the GuiceFilter should only be applied to webAppContext,
// not to staticContext and logContext; // not to logContext;
@Test public void testYARNWebAppContext() throws Exception { @Test public void testYARNWebAppContext() throws Exception {
// setting up the log context // setting up the log context
System.setProperty("hadoop.log.dir", "/Not/Existing/dir"); System.setProperty("hadoop.log.dir", "/Not/Existing/dir");
@ -272,8 +272,6 @@ public class TestWebApp {
}); });
String baseUrl = baseUrl(app); String baseUrl = baseUrl(app);
try { try {
// should not redirect to foo
assertFalse("foo".equals(getContent(baseUrl +"static").trim()));
// Not able to access a non-existing dir, should not redirect to foo. // Not able to access a non-existing dir, should not redirect to foo.
assertEquals(404, getResponseCode(baseUrl +"logs")); assertEquals(404, getResponseCode(baseUrl +"logs"));
// should be able to redirect to foo. // should be able to redirect to foo.