Public bug reported:
Nova version, output of 'git log -1':
commit 676ba7bbc788a528b0fe4c87c1c4bf94b4bb6eb1
Author: Dave McCowan <[email protected]>
Date: Tue Feb 24 21:35:48 2015 -0500
Websocket Proxy should verify Origin header
If the Origin HTTP header passed in the WebSocket handshake does
not match the host, this could indicate an attempt at a
cross-site attack. This commit adds a check to verify
the origin matches the host.
Change-Id: Ica6ec23d6f69a236657d5ba0c3f51b693c633649
Closes-Bug: 1409142
Reproduce steps:
1. Enable soft delete via set reclaim_instance_interval in nova.conf.
2. A normal project: ProjectA create a new instance and then delete it, then
it's status change to SOFT_DELETED.
3. Now restore the instance by admin user in project: admin, the instance back
to ACTIVE, but the quota usage of project: admin has changed, the flavor of
that instance has added on admin project quota usage.
** Affects: nova
Importance: Undecided
Assignee: zhengyue (zhengyue-5)
Status: New
** Tags: nova quotas
** Description changed:
Nova version, output of 'git log -1':
- commit 676ba7bbc788a528b0fe4c87c1c4bf94b4bb6eb1
- Author: Dave McCowan <[email protected]>
- Date: Tue Feb 24 21:35:48 2015 -0500
+ commit 676ba7bbc788a528b0fe4c87c1c4bf94b4bb6eb1
+ Author: Dave McCowan <[email protected]>
+ Date: Tue Feb 24 21:35:48 2015 -0500
- Websocket Proxy should verify Origin header
-
- If the Origin HTTP header passed in the WebSocket handshake does
- not match the host, this could indicate an attempt at a
- cross-site attack. This commit adds a check to verify
- the origin matches the host.
-
- Change-Id: Ica6ec23d6f69a236657d5ba0c3f51b693c633649
- Closes-Bug: 1409142
+ Websocket Proxy should verify Origin header
+
+ If the Origin HTTP header passed in the WebSocket handshake does
+ not match the host, this could indicate an attempt at a
+ cross-site attack. This commit adds a check to verify
+ the origin matches the host.
+
+ Change-Id: Ica6ec23d6f69a236657d5ba0c3f51b693c633649
+ Closes-Bug: 1409142
Reproduce steps:
- 1. Enable soft delete via set reclaim_instance_interval in nova.conf.
+ 1. Enable soft delete via set reclaim_instance_interval in nova.conf.
2. A normal project: ProjectA create a new instance and then delete it, then
it's status change to SOFT_DELETED.
- 3. Now restore the instance by admin user in project: admin, the instance
back to ACTIVE, but the quota usage of project: admin has changed.
+ 3. Now restore the instance by admin user in project: admin, the instance
back to ACTIVE, but the quota usage of project: admin has changed, the flavor
of that instance has added on admin project quota usage.
** Changed in: nova
Assignee: (unassigned) => zhengyue (zhengyue-5)
** Changed in: nova
Assignee: zhengyue (zhengyue-5) => (unassigned)
** Changed in: nova
Assignee: (unassigned) => zhengyue (zhengyue-5)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1482444
Title:
Abnormal changes of quota usage after instance restored by admin
Status in OpenStack Compute (nova):
New
Bug description:
Nova version, output of 'git log -1':
commit 676ba7bbc788a528b0fe4c87c1c4bf94b4bb6eb1
Author: Dave McCowan <[email protected]>
Date: Tue Feb 24 21:35:48 2015 -0500
Websocket Proxy should verify Origin header
If the Origin HTTP header passed in the WebSocket handshake does
not match the host, this could indicate an attempt at a
cross-site attack. This commit adds a check to verify
the origin matches the host.
Change-Id: Ica6ec23d6f69a236657d5ba0c3f51b693c633649
Closes-Bug: 1409142
Reproduce steps:
1. Enable soft delete via set reclaim_instance_interval in nova.conf.
2. A normal project: ProjectA create a new instance and then delete it, then
it's status change to SOFT_DELETED.
3. Now restore the instance by admin user in project: admin, the instance
back to ACTIVE, but the quota usage of project: admin has changed, the flavor
of that instance has added on admin project quota usage.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1482444/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
