OpenStack Dashboard (Horizon)

Too loose url regex for project/images/<instance-id>/create

Bug #1477822 reported by Lin Yang on 2015-07-24

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Dashboard (Horizon)	Fix Released	Low	Lin Yang	OpenStack Dashboard (Horizon) mitaka-1 "m1"

Bug Description

How to reproduce:
Input a wrong url http://<horizon>/project/images/<instance-id>/createabcd into browser, it shows the view of creating snapshot instead of 404 as expect.

Root cause:
The current url regex '^(?P<instance_id>[^/]+)/create' is too loose, which will match all url start with 'create'.
https://git.openstack.org/cgit/openstack/horizon/tree/openstack_dashboard/dashboards/project/images/snapshots/urls.py#n27

Lin Yang (lin-a-yang) on 2015-07-24

Changed in horizon:
assignee:	nobody → Lin Yang (lin-a-yang)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-07-24: Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/205367

Changed in horizon:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-06: Fix merged to horizon (master)

Reviewed: https://review.openstack.org/205367
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=a0dd5f40852af01d83451fd213f57a61a4fe0cc5
Submitter: Jenkins
Branch: master

commit a0dd5f40852af01d83451fd213f57a61a4fe0cc5
Author: Lin Yang <email address hidden>
Date: Fri Jul 24 12:17:47 2015 +0800

Fix too loose url regex for snapshot creation

    Current regex '^(?P<instance_id>[^/]+)/create' for url
    projects/images/<instance-id>/create will match all urls start with 'create' by
    mistake. The '$' added will make sure the regex only match 'create' as expect.

Change-Id: I9f180d8d904d15e9458513f39b1e4719ac6800a3
Closes-Bug: #1477822

Changed in horizon:
status:	In Progress → Fix Committed

Rob Cresswell (robcresswell-deactivatedaccount) on 2015-11-09

Changed in horizon:
importance:	Undecided → Low
milestone:	none → mitaka-1

Revision history for this message

Doug Hellmann (doug-hellmann) wrote on 2015-12-03: Fix included in openstack/horizon 9.0.0.0b1

This issue was fixed in the openstack/horizon 9.0.0.0b1 development milestone.

Changed in horizon:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.