openstack
/
nova
Code Issues Proposed changes
nova/nova/console
History
melanie witt 890e2d320e Use X-Forwarded-Proto as origin protocol if present 
When using a haproxy with SSL termination to provide secure console
connections, haproxy will change the Origin header scheme to 'http'
and add the 'X-Forwarded-Proto: https' header. This causes a failure
in the Nova console proxy code which verifies that the Origin header
scheme matches the access_url scheme for the connection, because the
Origin header coming from haproxy is 'http' while the access_url
scheme is 'https' or 'wss'.

This looks for the X-Forwarded-Proto header and uses its scheme for
the verification instead, if it is present.

Closes-Bug: #1788180

Change-Id: I43401dc8368853654bf443273a0a1b5b9b63e3f0
 		2019-01-16 00:28:53 +00:00
..
rfb Fix accumulated nits 2018-01-16 14:54:04 +00:00
securityproxy remove unnecessary conf imports 2018-03-09 14:30:10 -05:00
__init__.py Improve hacking rule to avoid author markers 2014-05-05 14:35:20 +02:00
api.py remove unnecessary conf imports 2018-03-09 14:30:10 -05:00
manager.py trivial: fix a comment typo 2018-04-11 18:05:46 +08:00
rpcapi.py conf: remove *_topic config opts 2017-07-17 21:27:02 -07:00
serial.py Remove translation of log messages 2017-07-18 09:03:39 +00:00
type.py Add MKS console support 2015-07-25 15:01:44 +03:00
websocketproxy.py Use X-Forwarded-Proto as origin protocol if present 2019-01-16 00:28:53 +00:00
xvp.conf.template Port Cheetah templates to Jinja2 2013-09-02 16:03:34 +02:00
xvp.py Use nova.db.api directly 2018-07-10 14:56:27 +00:00