openstack/openstack-helm
Code Issues Proposed changes

Merge "Horizon: HTTP Verb Tampering vulnerability fix"

Browse Source
This commit is contained in:
Zuul 2018-10-01 07:34:14 +00:00 committed by Gerrit Code Review
commit 653ee1330b
2 changed files with 5 additions and 0 deletions
horizon
templates/bin
_horizon.sh.tpl
values.yaml

2
horizon/templates/bin/_horizon.sh.tpl

@ -27,6 +27,8 @@ function start () {
# wsgi/horizon-http needs open files here, including secret_key_store # wsgi/horizon-http needs open files here, including secret_key_store
chown -R horizon ${SITE_PACKAGES_ROOT}/openstack_dashboard/local/ chown -R horizon ${SITE_PACKAGES_ROOT}/openstack_dashboard/local/
a2enmod rewrite
if [ -f /etc/apache2/envvars ]; then if [ -f /etc/apache2/envvars ]; then
# Loading Apache2 ENV variables # Loading Apache2 ENV variables
source /etc/apache2/envvars source /etc/apache2/envvars

3
horizon/values.yaml

@ -74,6 +74,9 @@ conf:
WSGIProcessGroup horizon-http WSGIProcessGroup horizon-http
WSGIScriptAlias / /var/www/cgi-bin/horizon/django.wsgi WSGIScriptAlias / /var/www/cgi-bin/horizon/django.wsgi
WSGIPassAuthorization On WSGIPassAuthorization On
RewriteEngine on
RewriteCond %{REQUEST_METHOD} !^(POST|PUT|GET|DELETE)
RewriteRule .* - [F]
<Location "/"> <Location "/">
Require all granted Require all granted