YARN-8868. Set HTTPOnly attribute to Cookie. Contributed by Chandni Singh.
This commit is contained in:
parent
3ed7163302
commit
2202e00ba8
@ -179,10 +179,10 @@ public static void redirectToErrorPage(HttpServletResponse res, Throwable e,
|
||||
String st = devMode ? ErrorPage.toStackTrace(e, 1024 * 3) // spec: min 4KB
|
||||
: "See logs for stack trace";
|
||||
res.setStatus(res.SC_FOUND);
|
||||
Cookie cookie = new Cookie(STATUS_COOKIE, String.valueOf(500));
|
||||
Cookie cookie = createCookie(STATUS_COOKIE, String.valueOf(500));
|
||||
cookie.setPath(path);
|
||||
res.addCookie(cookie);
|
||||
cookie = new Cookie(ERROR_COOKIE, st);
|
||||
cookie = createCookie(ERROR_COOKIE, st);
|
||||
cookie.setPath(path);
|
||||
res.addCookie(cookie);
|
||||
res.setHeader("Location", path);
|
||||
@ -196,7 +196,7 @@ public static void removeErrorCookies(HttpServletResponse res, String path) {
|
||||
public static void removeCookie(HttpServletResponse res, String name,
|
||||
String path) {
|
||||
LOG.debug("removing cookie {} on {}", name, path);
|
||||
Cookie c = new Cookie(name, "");
|
||||
Cookie c = createCookie(name, "");
|
||||
c.setMaxAge(0);
|
||||
c.setPath(path);
|
||||
res.addCookie(c);
|
||||
@ -249,4 +249,10 @@ private void prepareToExit() {
|
||||
}
|
||||
}, 18); // enough time for the last local request to complete
|
||||
}
|
||||
|
||||
private static Cookie createCookie(String name, String val) {
|
||||
Cookie cookie = new Cookie(name, val);
|
||||
cookie.setHttpOnly(true);
|
||||
return cookie;
|
||||
}
|
||||
}
|
||||
|
@ -322,6 +322,7 @@ private static String getCheckCookieName(ApplicationId id){
|
||||
|
||||
private static Cookie makeCheckCookie(ApplicationId id, boolean isSet) {
|
||||
Cookie c = new Cookie(getCheckCookieName(id),String.valueOf(isSet));
|
||||
c.setHttpOnly(true);
|
||||
c.setPath(ProxyUriUtils.getPath(id));
|
||||
c.setMaxAge(60 * 60 * 2); //2 hours in seconds
|
||||
return c;
|
||||
|
Loading…
Reference in New Issue
Block a user