[jira] [Resolved] (YARN-11661) Adding new property to configure the "SameSite" cookie attribute on YARN UI

Susheel Gupta (Jira) Thu, 14 Mar 2024 00:44:06 -0700


     [ 
https://issues.apache.org/jira/browse/YARN-11661?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Susheel Gupta resolved YARN-11661.
----------------------------------
    Hadoop Flags: Reviewed
      Resolution: Workaround

Closing this as workaround exists.

> Adding new property to configure the "SameSite" cookie attribute on YARN UI 
> ----------------------------------------------------------------------------
>
>                 Key: YARN-11661
>                 URL: https://issues.apache.org/jira/browse/YARN-11661
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: yarn
>            Reporter: Susheel Gupta
>            Assignee: Susheel Gupta
>            Priority: Major
>
> If we use 'SameSite=Strict,' the browser would only send the cookie for 
> same-site requests, rendering cross-site sessions ineffective.
> However, it’s worth noting that while using SameSite=None with TLS does 
> enhance the security of your cookies compared to using it without TLS, it 
> doesn’t provide complete security. Nevertheless, considering the necessity 
> for cross-site sessions, utilizing SameSite=None along with TLS can provide a 
> reasonable level of security.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Resolved] (YARN-11661) Adding new property to configure the "SameSite" cookie attribute on YARN UI

Reply via email to