Public bug reported:
Steps to reproduce:
Deploy Openstack, Devstack Pike is enough
add following option into /etc/openstack-dashboard/local_settings.py :
CSRF_COOKIE_HTTPONLY = True
Restart Apache
Expected result:
Horizon works
Actual result:
Several issues appear in Horizon. Request to /api/policy returns 403, and
"Policy check failed" warning displayed. At least "Launch instance" and "Create
image" dashboards are affected
** Affects: horizon
Importance: Undecided
Status: New
** Attachment added: "Screen Shot 2018-11-09 at 12.52.45 PM.png"
https://bugs.launchpad.net/bugs/1819423/+attachment/5245358/+files/Screen%20Shot%202018-11-09%20at%2012.52.45%20PM.png
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1819423
Title:
Horizon does not support CSRF_COOKIE_HTTPONLY option
Status in OpenStack Dashboard (Horizon):
New
Bug description:
Steps to reproduce:
Deploy Openstack, Devstack Pike is enough
add following option into /etc/openstack-dashboard/local_settings.py :
CSRF_COOKIE_HTTPONLY = True
Restart Apache
Expected result:
Horizon works
Actual result:
Several issues appear in Horizon. Request to /api/policy returns 403, and
"Policy check failed" warning displayed. At least "Launch instance" and "Create
image" dashboards are affected
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1819423/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
