Currently most of api processes are running under httpd with wsgi frame work, but all httpd process have valid alias configuration for icons directory, which enables us to access /icons path.
~~~
[heat-admin@controller-0 ~]$ curl -v -I http://172.17.1.10:8774/icons/
* About to connect() to 172.17.1.10 port 8774 (#0)
* Trying 172.17.1.10...
* Connected to 172.17.1.10 (172.17.1.10) port 8774 (#0)
> HEAD /icons/ HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 172.17.1.10:8774
> Accept: */*
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Date: Fri, 29 Nov 2019 07:07:44 GMT
Date: Fri, 29 Nov 2019 07:07:44 GMT
< Server: Apache
Server: Apache
< Content-Type: text/html;charset=UTF-8
Content-Type: text/html;charset=UTF-8
<
* Connection #0 to host 172.17.1.10 left intact
~~~
Although it does not cause effect on software behaviour, it can bring us some security concern because it makes unnecessary files accessible
Fix proposed to branch: master /review. opendev. org/696648
Review: https:/