f62c3a74c0
Having this middleware as default is very convenient for deployments, since this enables the application to handle the appropriate headers correctly in order to deal with SSL, which is nice to have out of the box. Heat, for instance, has already taken this middleware as default. However, having this act on the headers by default may not be so desirable, as the application may not be in front of a proxy, and thus will have nothing that parses or strips the X-Forwarded-* headers. Which can lead to security problems. Thus, this patch proposes the enabling of this functionality through a configuration option. This will enable more projects to take this middleware into use by default, and the deployer would only need to change one configuration file; while leaving the paste configuration intact. Change-Id: I50a70d477613025d3e54e4ee773bbb1d6fcf2e68 SecurityImpact |
||
|---|---|---|
| doc/source | ||
| oslo | ||
| oslo_middleware | ||
| .coveragerc | ||
| .gitignore | ||
| .gitreview | ||
| .mailmap | ||
| .testr.conf | ||
| CONTRIBUTING.rst | ||
| HACKING.rst | ||
| LICENSE | ||
| README.rst | ||
| babel.cfg | ||
| requirements.txt | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
README.rst
oslo.middleware
Oslo middleware library includes components that can be injected into wsgi pipelines to intercept request/response flows. The base class can be enhanced with functionality like add/delete/modification of http headers and support for limiting size/connection etc.
- Free software: Apache license
- Documentation: http://docs.openstack.org/developer/oslo.middleware
- Source: http://git.openstack.org/cgit/openstack/oslo.middleware
- Bugs: http://bugs.launchpad.net/oslo.middleware