OpenStack Identity (keystone)

Bug #1590608
Comment #2

Comment 2 for bug 1590608

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-14: Fix merged to glance (master)

Reviewed: https://review.openstack.org/326798
Committed: https://git.openstack.org/cgit/openstack/glance/commit/?id=b0d0b1d0ba7b9d1fadca0e7932c5886bc6cc7825
Submitter: Jenkins
Branch: master

commit b0d0b1d0ba7b9d1fadca0e7932c5886bc6cc7825
Author: Jamie Lennox <email address hidden>
Date: Wed Jun 8 11:59:09 2016 +1000

Use http-proxy-to-wsgi middleware from oslo.middleware

    The HTTP_X_FORWARDED_PROTO handling fails to handle the case of
    redirecting the /v1 request to /v1/ because it is handled purely by
    routes and does not enter the glance wsgi code. This means a https
    request is redirect to http and fails.

    oslo.middleware has middleware for handling the X-Forwarded-Proto header
    in a standard way so that services don't have to and so we should use
    that instead of our own mechanism.

    Leaving the existing header handling around until removal should not be
    a problem as the worst that will happen is it overwrites an existing
    'https' header value set by the middleware.

    Closes-Bug: #1558683
    Closes-Bug: #1590608
    Change-Id: I481d88020b6e8420ce4b9072dd30ec82fe3fb4f7