Public bug reported: Steps to reproduce: Deploy Openstack, Devstack Pike is enough
add following option into /etc/openstack-dashboard/local_settings.py : CSRF_COOKIE_HTTPONLY = True Restart Apache Expected result: Horizon works Actual result: Several issues appear in Horizon. Request to /api/policy returns 403, and "Policy check failed" warning displayed. At least "Launch instance" and "Create image" dashboards are affected ** Affects: horizon Importance: Undecided Status: New ** Attachment added: "Screen Shot 2018-11-09 at 12.52.45 PM.png" https://bugs.launchpad.net/bugs/1819423/+attachment/5245358/+files/Screen%20Shot%202018-11-09%20at%2012.52.45%20PM.png -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1819423 Title: Horizon does not support CSRF_COOKIE_HTTPONLY option Status in OpenStack Dashboard (Horizon): New Bug description: Steps to reproduce: Deploy Openstack, Devstack Pike is enough add following option into /etc/openstack-dashboard/local_settings.py : CSRF_COOKIE_HTTPONLY = True Restart Apache Expected result: Horizon works Actual result: Several issues appear in Horizon. Request to /api/policy returns 403, and "Policy check failed" warning displayed. At least "Launch instance" and "Create image" dashboards are affected To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1819423/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp