Package org.apache.spark.ui
Class HttpSecurityFilter
Object
org.apache.spark.ui.HttpSecurityFilter
- All Implemented Interfaces:
javax.servlet.Filter
A servlet filter that implements HTTP security features. The following actions are taken
for every request:
- perform access control of authenticated requests. - check request data for disallowed content (e.g. things that could be used to create XSS attacks). - set response headers to prevent certain kinds of attacks.
Request parameters are sanitized so that HTML content is escaped, and disallowed content is removed.
-
Constructor Summary
ConstructorDescriptionHttpSecurityFilter
(SparkConf conf, org.apache.spark.SecurityManager securityMgr) -
Method Summary
-
Constructor Details
-
HttpSecurityFilter
-
-
Method Details
-
destroy
public void destroy()- Specified by:
destroy
in interfacejavax.servlet.Filter
-
doFilter
public void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain) - Specified by:
doFilter
in interfacejavax.servlet.Filter
-
init
public void init(javax.servlet.FilterConfig config) - Specified by:
init
in interfacejavax.servlet.Filter
-