YARN-4769. Add support for CSRF header in the dump capacity scheduler logs and kill app buttons in RM web UI. Contributed by Varun Vasudev
This commit is contained in:
parent
aede8c10ec
commit
93bacda08b
@ -62,7 +62,7 @@ public class RestCsrfPreventionFilter implements Filter {
|
||||
public static final String CUSTOM_METHODS_TO_IGNORE_PARAM =
|
||||
"methods-to-ignore";
|
||||
static final String BROWSER_USER_AGENTS_DEFAULT = "^Mozilla.*,^Opera.*";
|
||||
static final String HEADER_DEFAULT = "X-XSRF-HEADER";
|
||||
public static final String HEADER_DEFAULT = "X-XSRF-HEADER";
|
||||
static final String METHODS_TO_IGNORE_DEFAULT = "GET,OPTIONS,HEAD,TRACE";
|
||||
private String headerName = HEADER_DEFAULT;
|
||||
private Set<String> methodsToIgnore = null;
|
||||
|
@ -24,12 +24,14 @@
|
||||
|
||||
import java.security.PrivilegedExceptionAction;
|
||||
import java.util.Collection;
|
||||
import java.util.Map;
|
||||
|
||||
import org.apache.commons.lang.StringEscapeUtils;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.apache.hadoop.conf.Configuration;
|
||||
import org.apache.hadoop.security.UserGroupInformation;
|
||||
import org.apache.hadoop.security.http.RestCsrfPreventionFilter;
|
||||
import org.apache.hadoop.util.StringUtils;
|
||||
import org.apache.hadoop.yarn.api.ApplicationBaseProtocol;
|
||||
import org.apache.hadoop.yarn.api.protocolrecords.GetApplicationAttemptsRequest;
|
||||
@ -143,6 +145,7 @@ public ApplicationReport run() throws Exception {
|
||||
.append(" type: 'PUT',")
|
||||
.append(" url: '/ws/v1/cluster/apps/").append(aid).append("/state',")
|
||||
.append(" contentType: 'application/json',")
|
||||
.append(getCSRFHeaderString(conf))
|
||||
.append(" data: '{\"state\":\"KILLED\"}',")
|
||||
.append(" dataType: 'json'")
|
||||
.append(" }).done(function(data){")
|
||||
@ -369,4 +372,21 @@ protected void createApplicationMetricsTable(Block html) {
|
||||
protected LogAggregationStatus getLogAggregationStatus() {
|
||||
return null;
|
||||
}
|
||||
|
||||
public static String getCSRFHeaderString(Configuration conf) {
|
||||
String ret = "";
|
||||
if (conf.getBoolean(YarnConfiguration.RM_CSRF_ENABLED, false)) {
|
||||
ret = " headers : { '";
|
||||
Map<String, String> filterParams = RestCsrfPreventionFilter
|
||||
.getFilterParams(conf, YarnConfiguration.RM_CSRF_PREFIX);
|
||||
if (filterParams
|
||||
.containsKey(RestCsrfPreventionFilter.CUSTOM_HEADER_PARAM)) {
|
||||
ret += filterParams.get(RestCsrfPreventionFilter.CUSTOM_HEADER_PARAM);
|
||||
} else {
|
||||
ret += RestCsrfPreventionFilter.HEADER_DEFAULT;
|
||||
}
|
||||
ret += "' : 'null' },";
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
@ -42,6 +42,7 @@
|
||||
import org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.PartitionResourcesInfo;
|
||||
import org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.ResourceInfo;
|
||||
import org.apache.hadoop.yarn.server.security.ApplicationACLsManager;
|
||||
import org.apache.hadoop.yarn.server.webapp.AppBlock;
|
||||
import org.apache.hadoop.yarn.util.Times;
|
||||
import org.apache.hadoop.yarn.util.resource.Resources;
|
||||
import org.apache.hadoop.yarn.webapp.ResponseInfo;
|
||||
@ -357,6 +358,7 @@ public void render(Block html) {
|
||||
.append(" type: 'POST',")
|
||||
.append(" url: '/ws/v1/cluster/scheduler/logs',")
|
||||
.append(" contentType: 'text/plain',")
|
||||
.append(AppBlock.getCSRFHeaderString(rm.getConfig()))
|
||||
.append(" data: 'time=' + timePeriod,")
|
||||
.append(" dataType: 'text'")
|
||||
.append(" }).done(function(data){")
|
||||
|
Loading…
Reference in New Issue
Block a user