openstack
/
oslo.messaging
Code Issues Proposed changes
oslo.messaging/oslo_messaging/tests
History
Jay Faulkner 44d112eb9d Only allow safe context fields in notifications 
Publishing a fully hydrated context object in a notification would give
someone with access to that notification the ability to impersonate the
original actor through inclusion of sensitive fields.

Now, instead, we pare down the context object to the bare minimum before
passing it for serialization in notification workflows.

Closes-bug: 2030976
Change-Id: Ic94323658c89df1c1ff32f511ca23502317d0f00
(cherry picked from commit 1b315615e7)
 		2023-08-28 14:57:45 +00:00
..
drivers [rabbit] use retry parameters during notification sending 2022-01-13 09:52:28 +01:00
functional Add Support For oslo.metrics 2021-06-08 22:22:37 +08:00
notify Only allow safe context fields in notifications 2023-08-28 14:57:45 +00:00
rpc Adding pre-commit 2020-09-22 12:35:37 +02:00
__init__.py Remove six usage 2020-05-11 10:21:58 +02:00
test_config_opts_proxy.py Increase ACK_REQUEUE_EVERY_SECONDS_MAX to exceed default kombu_reconnect_delay 2023-06-01 14:24:51 +00:00
test_exception_serialization.py remove unicode from code 2021-01-03 16:11:46 +08:00
test_expected_exceptions.py Update hacking for Python3 2020-03-30 13:49:29 +00:00
test_fixture.py Remove rpc_backend and ConfFixture.transport_driver 2018-09-13 15:01:27 -06:00
test_opts.py Remove six usage 2020-05-11 10:21:58 +02:00
test_target.py Move files out of the namespace package 2015-01-12 12:50:41 -05:00
test_transport.py Adding pre-commit 2020-09-22 12:35:37 +02:00
test_urls.py Remove rpc_backend and ConfFixture.transport_driver 2018-09-13 15:01:27 -06:00
test_utils.py Remove six usage 2020-05-11 10:21:58 +02:00
utils.py Do not use threading.Event 2019-12-18 13:11:41 +00:00