copy middleware stores per-request data on the WSGI filter
Bug #1774719 reported by
Tim Burke
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Object Storage (swift) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
In __call__ we assign self.account_name, self.container_
The good news is, all subrequests are authorized normally, so this *shouldn't* have an security implications -- but if a user issues several concurrent COPYs for which they *are* authorized, we aren't necessarily copying the correct data for them!
Note that it looks like *only* the COPY verb is affected.
[1] https:/
[2] https:/
To post a comment you must log in.
Reviewed: https:/ /review. openstack. org/571903 /git.openstack. org/cgit/ openstack/ swift/commit/ ?id=9ef2a828166 aece6b374a97b07 77b90c359fdebd
Committed: https:/
Submitter: Zuul
Branch: master
commit 9ef2a828166aece 6b374a97b0777b9 0c359fdebd
Author: Tim Burke <email address hidden>
Date: Wed May 30 15:52:16 2018 -0700
copy: Stop hanging per-request data on middleware instance
Change-Id: Ib7b208669e900b 84a7759819ef76b 7b5b7ce8c9a
Closes-Bug: 1774719