[GitHub] [airflow] nirutgupta opened a new issue, #29108: Unable to login in iframe

Mon, 23 Jan 2023 07:50:33 -0800 


nirutgupta opened a new issue, #29108:
URL: https://github.com/apache/airflow/issues/29108

   ### Apache Airflow version
   
   Other Airflow 2 version (please specify below)
   
   ### What happened
   
   Airflow Version : 2.3.2
   Helmchart Version: 1.3.0
   
   When trying to login with admin credentials via iframe, it is getting 
redirected back to login page.
   Auth getting used : airflow.api.auth.backend.basic_auth
   
   ### What you think should happen instead
   
   Should be able to login just like how it should be when opened in a new tab.
   
   ### How to reproduce
   
   `webserver: 
         webserverConfig:
               WTF_CSRF_ENABLED = False `
   
   I am using Kubernetes Executor and auth as 
   ```
   api:
       auth_backend: airflow.api.auth.backend.basic_auth
   ```
   
   There are multiple webservers pods though it can be reproducible even in one 
webserver instance setup.
   
   ### Operating System
   
   apache/airflow:2.3.2-python3.8 this is the image I am using.
   
   ### Versions of Apache Airflow Providers
   
   2.3.2
   
   ### Deployment
   
   Official Apache Airflow Helm Chart
   
   ### Deployment details
   
   I have added the related details under How to reproduce section. Putting the 
ingress section as well.
   
   ```
   ingress:
     # Enable ingress resource
     enabled: true
   
     # Configs for the Ingress of the web Service
     web:
       # Annotations for the web Ingress
       annotations:
         kubernetes.io/ingress.class: nginx
         nginx.ingress.kubernetes.io/ssl-redirect: "false"
         host: "<internal host>"
   ```
   
   ### Anything else
   
   Proper documentation is lagging for the iframe enable setup. I know this 
feature is added for security purposes but they should be disabled with the 
flag. 
   
   I have tried adding these two environment variables under webserver config 
section after searching but no luck.
       SESSION_COOKIE_SAMESITE = 'None'
       SAMESITE = 'None'
   
   ### Are you willing to submit PR?
   
   - [ ] Yes I am willing to submit a PR!
   
   ### Code of Conduct
   
   - [X] I agree to follow this project's [Code of 
Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to