melanie witt 890e2d320e Use X-Forwarded-Proto as origin protocol if present ...

When using a haproxy with SSL termination to provide secure console
connections, haproxy will change the Origin header scheme to 'http'
and add the 'X-Forwarded-Proto: https' header. This causes a failure
in the Nova console proxy code which verifies that the Origin header
scheme matches the access_url scheme for the connection, because the
Origin header coming from haproxy is 'http' while the access_url
scheme is 'https' or 'wss'.

This looks for the X-Forwarded-Proto header and uses its scheme for
the verification instead, if it is present.

Closes-Bug: #1788180

Change-Id: I43401dc8368853654bf443273a0a1b5b9b63e3f0

2019-01-16 00:28:53 +00:00

..

rfb

Fix accumulated nits

2018-01-16 14:54:04 +00:00

securityproxy

remove unnecessary conf imports

2018-03-09 14:30:10 -05:00

__init__.py

Improve hacking rule to avoid author markers

2014-05-05 14:35:20 +02:00

api.py

remove unnecessary conf imports

2018-03-09 14:30:10 -05:00

manager.py

trivial: fix a comment typo

2018-04-11 18:05:46 +08:00

rpcapi.py

conf: remove *_topic config opts

2017-07-17 21:27:02 -07:00

serial.py

Remove translation of log messages

2017-07-18 09:03:39 +00:00

type.py

Add MKS console support

2015-07-25 15:01:44 +03:00

websocketproxy.py

Use X-Forwarded-Proto as origin protocol if present

2019-01-16 00:28:53 +00:00

xvp.conf.template

Port Cheetah templates to Jinja2

2013-09-02 16:03:34 +02:00

xvp.py

Use nova.db.api directly

2018-07-10 14:56:27 +00:00