Fix uwsgi config for trailing slashes

The apache mod_proxy documentation[0] says that trailing slashes need to match for the ProxyPass statement. Since adding a slash to the redirected url would break things that need to access endpoints like /identity without anything added, we need to drop the trailing slash for the target URL. See [1] for the discussion of the CVE fix that changed the previous behavior. [0] https://httpd.apache.org/docs/trunk/mod/mod_proxy.html#proxypass [1] https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1945274 Depends-On: https://review.opendev.org/c/openstack/devstack/+/811389 Change-Id: Ia6b1a41957833fba87a2e6f048d2483267632385
2021-09-28 20:02:34 +02:00 · 2021-09-28 20:02:34 +02:00 · 56e75e4aef
commit 56e75e4aef
parent 8d1bfcacf8
1 changed files with 1 additions and 1 deletions
--- a/lib/apache
+++ b/lib/apache
@ -303,7 +303,7 @@ function write_uwsgi_config {
        apache_conf=$(apache_site_config_for $name)
        iniset "$file" uwsgi socket "$socket"
        iniset "$file" uwsgi chmod-socket 666
-        echo "ProxyPass \"${url}\" \"unix:${socket}|uwsgi://uwsgi-uds-${name}/\" retry=0 " | sudo tee -a $apache_conf
+        echo "ProxyPass \"${url}\" \"unix:${socket}|uwsgi://uwsgi-uds-${name}\" retry=0 " | sudo tee -a $apache_conf
        enable_apache_site $name
        restart_apache_server
    fi