95f1d47bb5
Adds a DEFAULT/console_allowed_origins to the console websocket proxy to allow connections from other Origin hostnames (other than only the hostname in the Host header.) Origin header checking was introduced in https://review.openstack.org/#/c/163033/ as a fix for bug 1409142 and CVE-2015-0259. However there are valid use cases where you want to do cross-site web socket connections. This patch allows for controlled cross-site web socket connections to the console proxy services. DocImpact Change-Id: If7995bb7afc255f5ad834dc8a7044ef38b6cb335 Closes-bug: 1474079 |
||
---|---|---|
.. | ||
__init__.py | ||
test_console.py | ||
test_rpcapi.py | ||
test_serial.py | ||
test_type.py | ||
test_websocketproxy.py |