[jira] [Commented] (HIVE-21986) HiveServer Web UI: Setting the Strict-Transport-Security in default response header

Tue, 16 Jul 2019 00:09:40 -0700 


    [ 
https://issues.apache.org/jira/browse/HIVE-21986?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16885884#comment-16885884
 ] 

Hive QA commented on HIVE-21986:
--------------------------------



Here are the results of testing the latest attachment:
https://issues.apache.org/jira/secure/attachment/12974793/HIVE-21986.03.patch

{color:red}ERROR:{color} -1 due to no test(s) being added or modified.

{color:green}SUCCESS:{color} +1 due to 16669 tests passed

Test results: 
https://builds.apache.org/job/PreCommit-HIVE-Build/18041/testReport
Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/18041/console
Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-18041/

Messages:
{noformat}
Executing org.apache.hive.ptest.execution.TestCheckPhase
Executing org.apache.hive.ptest.execution.PrepPhase
Executing org.apache.hive.ptest.execution.YetusPhase
Executing org.apache.hive.ptest.execution.ExecutionPhase
Executing org.apache.hive.ptest.execution.ReportingPhase
{noformat}

This message is automatically generated.

ATTACHMENT ID: 12974793 - PreCommit-HIVE-Build

> HiveServer Web UI: Setting the Strict-Transport-Security in default response 
> header
> -----------------------------------------------------------------------------------
>
>                 Key: HIVE-21986
>                 URL: https://issues.apache.org/jira/browse/HIVE-21986
>             Project: Hive
>          Issue Type: Bug
>          Components: HiveServer2
>    Affects Versions: 3.1.1
>            Reporter: Rajkumar Singh
>            Assignee: Rajkumar Singh
>            Priority: Major
>         Attachments: HIVE-21986.01.patch, HIVE-21986.02.patch, 
> HIVE-21986.03.patch, HIVE-21986.patch
>
>
> Currently, HiveServer UI HTTP response header doesn't have 
> Strict-Transport-Security set so will be adding this to default header.
> expected response after patch:
> {code:java}
> HTTP/1.1 200 OK
> Date: Wed, 10 Jul 2019 22:47:34 GMT
> Content-Type: text/html;charset=utf-8
> Strict-Transport-Security: max-age=31536000; includeSubDomains
> X-Content-Type-Options: nosniff
> X-FRAME-OPTIONS: SAMEORIGIN
> X-XSS-Protection: 1; mode=block
> Set-Cookie: JSESSIONID=fby9p6p5olb12xui7kj93uys;Path=/;HttpOnly
> Expires: Thu, 01 Jan 1970 00:00:00 GMT
> Content-Length: 3824
> Server: Jetty(9.3.25.v20180904)
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

Reply via email to