Reviewed: https://review.openstack.org/346090 Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=6b3b7296b997d83bf272abc78581c6afb5d4131e Submitter: Jenkins Branch: master
commit 6b3b7296b997d83bf272abc78581c6afb5d4131e Author: Gleb Stepanov <[email protected]> Date: Fri Jul 22 18:37:48 2016 +0300 Skip malformed cookies Skip malformed cookies when parsing Cookie header in websocketproxy.py. Change-Id: I4091bd641ca3911666da328488c337835405400f Closes-Bug: #1496932 ** Changed in: nova Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1496932 Title: nova.console.websocketproxy fails if there is a cookie with invalid name Status in OpenStack Compute (nova): Fix Released Bug description: If cookie with invalid name (with '?' for example) is passed in the query, websocketproxy will fail to handle this query. Because of this, instance console is not working in Horizon ("Failed to connect to server (code: 1006)"). Easiest way to reproduce: $ curl 'https://$NOVNCPROXY_HOST:$NOVNCPROXY_PORT/websockify' -H 'Sec-WebSocket-Version: 13' -H 'Sec-WebSocket-Key: dGVzdAo=' -H 'Upgrade: websocket' -H 'Cookie: ?=!' -H 'Connection: Upgrade' -H 'Sec-WebSocket-Protocol: binary, base64' --compressed curl: (52) Empty reply from server This request leads to following message in nova-novncproxy.log: 2015-09-17 18:45:45.443 14494 INFO nova.console.websocketproxy [-] handler exception: Illegal key value: ? In real world this may happen when horizon is running on subdomain (e.g. sub.example.com), while some other "broken" application on parent domain (e.g. example.com) sets cookie with invalid name. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1496932/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
