nova.console.websocketproxy fails if there is a cookie with invalid name
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Low
|
Ivan Mironov |
Bug Description
If cookie with invalid name (with '?' for example) is passed in the query, websocketproxy will fail to handle this query. Because of this, instance console is not working in Horizon ("Failed to connect to server (code: 1006)"). Easiest way to reproduce:
$ curl 'https:/
curl: (52) Empty reply from server
This request leads to following message in nova-novncproxy
2015-09-17 18:45:45.443 14494 INFO nova.console.
In real world this may happen when horizon is running on subdomain (e.g. sub.example.com), while some other "broken" application on parent domain (e.g. example.com) sets cookie with invalid name.
Changed in nova: | |
assignee: | nobody → Ivan Mironov (mironov-ivan) |
description: | updated |
tags: | added: console |
Changed in nova: | |
importance: | Undecided → Low |
Fix proposed to branch: master /review. openstack. org/224854
Review: https:/