Reviewed: https://review.opendev.org/674364 Committed: https://git.openstack.org/cgit/openstack/tempest/commit/?id=fd01d15d144caa4d5a482301d05cf724c75c4500 Submitter: Zuul Branch: master
commit fd01d15d144caa4d5a482301d05cf724c75c4500 Author: Leo Henken <[email protected]> Date: Fri Aug 2 11:42:52 2019 -0500 Fix test_novnc to adequately validate websocket upgrade Currently, test_novnc validates the websocket upgrade by verifying that the websocket response reports a protocol switch and that the response includes a server name specified in the configuration field vnc_server_header. This explicit server name configuration field introduces a security concern and convolutes the code base. HTTP RFC7231 (https://tools.ietf.org/html/rfc7231) section 6.2.2 says that when switching protocols, the response "MUST generate an Upgrade header field that indicates which protocols will be switched to". This patchset uses this required Upgrade field to validate the websocket upgrade instead of an environment-based configuration field, making the code base cleaner, safer, and more reliable. vnc_server_header is deprecated and necessary release notes are created. Change-Id: I5d3c9bdd0d20a15ade672f276dd0f24b654e3de5 Closes-bug: #1838777 Closes-bug: #1840788 ** Changed in: tempest Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1840788 Title: websockify-0.9.0 breaks tempest tests Status in OpenStack Compute (nova): In Progress Status in tempest: Fix Released Bug description: see https://review.opendev.org/677479 for a test review To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1840788/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
