icebox configuration: lock down the /artifacts/import method

Bug #1218382 reported by Lars Butler
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenQuake Platform

Bug Description

When the oq-engine-server finishes a calculation, it can optionally POST to icebox's /artifacts/import endpoint and pass in a oq-engine-server URL from which icebox can import calculation results. (See However, since this method doesn't require authentication, there is potential for DoS exploitation by posting bogus requests. Thus, when the icebox is installed, we need to configure the webserver to restrict access and only allows POSTs from the oq-engine-server.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.