openstack/heat
Code Issues Proposed changes

Add http_proxy_to_wsgi middleware to Heat CFN endpoint

Browse Source 
This was already used in the API endpoint, but it's also needed in
the CFN endpoint. It's purpose is to process the X-Forwarded-Proto
header (or Proxy protocol if used) and set the protocol as directed
to https if done so. It's only needed if Heat is behind a TLS proxy
(such as HAProxy) and is also disabled by default.

Change-Id: Ibd81e1cf6bc1e3f63728b485e295478afa7f573c
Closes-Bug: #1590608
This commit is contained in:
Juan Antonio Osorio Robles 2016-10-10 09:46:14 +03:00
parent 53aca307bf
commit 6ad6ca33e7
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
etc/heat/api-paste.ini
View File

@ -24,12 +24,12 @@ pipeline = cors request_id faultwrap versionnegotiation context custombackendaut
# heat-api-cfn pipeline
[pipeline:heat-api-cfn]
pipeline = cors cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app
pipeline = cors http_proxy_to_wsgi cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app
# heat-api-cfn pipeline for standalone heat
# relies exclusively on authenticating with ec2 signed requests
[pipeline:heat-api-cfn-standalone]
pipeline = cors cfnversionnegotiation ec2authtoken context apicfnv1app
pipeline = cors http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app
# heat-api-cloudwatch pipeline
[pipeline:heat-api-cloudwatch]