Glance sends full tracebacks to the client on 500 errors
Bug #1192132 reported by
Paul Bourke
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Glance |
Fix Released
|
Undecided
|
Paul Bourke |
Bug Description
eventlet.
This sends tracebacks to the client on 500 errors, which is not desirable for security reasons. This should be set to False by default.
Changed in glance: | |
assignee: | nobody → Paul Bourke (pauldbourke) |
status: | New → In Progress |
Changed in glance: | |
milestone: | none → havana-2 |
status: | Fix Committed → Fix Released |
Changed in glance: | |
milestone: | havana-2 → 2013.2 |
To post a comment you must log in.
Reviewed: https:/ /review. openstack. org/33307 github. com/openstack/ glance/ commit/ 33fc21a81526029 d0c50ef82d74425 0ff1a99b42
Committed: http://
Submitter: Jenkins
Branch: master
commit 33fc21a81526029 d0c50ef82d74425 0ff1a99b42
Author: Paul Bourke <email address hidden>
Date: Mon Jun 17 16:12:59 2013 +0000
Do not send traceback to clients by default
eventlet. wsgi.server contains a "debug" param which is True by default.
This sends tracebacks to the client on 500 errors, which is not
desirable for security reasons.
Set this to be False by default.
Fixes bug 1192132
Change-Id: Ib54fb79128c692 2f7a38339c4256f 0e4c81e1665