commit 676ba7bbc788a528b0fe4c87c1c4bf94b4bb6eb1
Author: Dave McCowan <email address hidden>
Date: Tue Feb 24 21:35:48 2015 -0500
Websocket Proxy should verify Origin header
If the Origin HTTP header passed in the WebSocket handshake does
not match the host, this could indicate an attempt at a
cross-site attack. This commit adds a check to verify
the origin matches the host.
Reviewed: https:/ /review. openstack. org/163034 /git.openstack. org/cgit/ openstack/ nova/commit/ ?id=676ba7bbc78 8a528b0fe4c87c1 c4bf94b4bb6eb1
Committed: https:/
Submitter: Jenkins
Branch: stable/juno
commit 676ba7bbc788a52 8b0fe4c87c1c4bf 94b4bb6eb1
Author: Dave McCowan <email address hidden>
Date: Tue Feb 24 21:35:48 2015 -0500
Websocket Proxy should verify Origin header
If the Origin HTTP header passed in the WebSocket handshake does
not match the host, this could indicate an attempt at a
cross-site attack. This commit adds a check to verify
the origin matches the host.
Change-Id: Ica6ec23d6f69a2 36657d5ba0c3f51 b693c633649
Closes-Bug: 1409142