OpenStack-Ansible

[Antelope][Deployment][Horizon] - csrf_failure

Bug #2071952 reported by Nilesh
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack-Ansible
Triaged
Medium
Unassigned

Bug Description

OS - Ubuntu 22.04
OSA - Antelope 2023.1
SSL/TLS - NO

I was deploying non-ssl deployment, deployment went succefull, but after the installation when trying to access the horizon seeing the following error:-

~~~
Referer checking failed - Referer is insecure while host is secure. Cookies may be turned off. Make sure cookies are enabled and try again.
~~~

~~~
https://pasteboard.co/oRR9sQuOqjft.png
~~~

~~~
Jul 04 17:52:41 ctrl002.ct.lan apache2[5246]: [wsgi:error] [pid 5246:tid 140210059286080] [remote 172.29.231.201:53980] Forbidden (Referer checking failed - Referer is insecure while host is secure.): /auth/login/~
~~~

Thanks,

Revision history for this message
Nilesh (cnilesh) wrote :

* faced the same issue on new deployment

https://pasteboard.co/cQNmezbabsnz.png

https://paste.openstack.org/show/b5B8n0KLXBzWicWj0Ttn/

Revision history for this message
Nilesh (cnilesh) wrote :

~~~
Referer checking failed - Referer is insecure while host is secure. Cookies may be turned off. Make sure cookies are enabled and try again.
~~~

Revision history for this message
Dmitriy Rabotyagov (noonedeadpunk) wrote :

Hey,

I've just spawned a Horizon in an AIO setup on bare metal (without containers) and from stable/2023.1, and I was not able to see the issue.

Can you confirm, that `cat /etc/horizon/local_settings.py | grep SECRET` does return you a secret and not any kind of local file lookup?

Revision history for this message
Dmitriy Rabotyagov (noonedeadpunk) wrote :

Ok, I was able to reproduce the issue.

I believe adding `openstack_external_ssl: False` to your user_variables and re-running os-horizon-install.yml should solve the issue.

Revision history for this message
Nilesh (cnilesh) wrote :

noonedeadpunk++ Thank you.

Dmitriy Rabotyagov (noonedeadpunk)
Changed in openstack-ansible:
status: New → Triaged
importance: Undecided → Medium
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.