-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/54978/
-----------------------------------------------------------
Review request for ranger.
Bugs: RANGER-1279
https://issues.apache.org/jira/browse/RANGER-1279
Repository: ranger
Description
-------
The static configuration variable RangerCSRFPreventionFilter.IS_CSRF_ENABLED is
public, meaning that a malicious application running in the same JVM as Ranger
could disable CSRF protection. It should be private instead.
Diffs
-----
security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerCSRFPreventionFilter.java
556e2dc
Diff: https://reviews.apache.org/r/54978/diff/
Testing
-------
Thanks,
Colm O hEigeartaigh
