romain
-
-
-
desktop/core/src/desktop/settings.py (Diff revision 1) nit: TRUSTED_ORIGINS += [....] or TRUSTED_ORIGINS.extends([...])
HUE-9037 [core] Add .cloudera.com to trusted host for CSRF token
Review Request #14367 — Created Oct. 11, 2019 and submitted
| Information | |
|---|---|
| jgauthier | |
| hue | |
| master | |
| HUE-9037 | |
| Reviewers | |
| hue | |
| jgauthier, johan, ranade, romain, weixia, yingc | |
commit dcfbbc9c93cb0ecea0c2f265c4a4822f976b7d09
Author: Jean-Francois Desjeans Gauthier <jf.desjeans.gauthier@gmail.com>
Date: Fri Oct 11 10:28:08 2019 -0700
HUE-9037 [core] Add .cloudera.com to trusted host for CSRF token
When using https, Django will look at "HTTP_REFERER" request header to
see if it matches the current request's host when using unsafe (e.g.
POST) requests. When using Hue via Knox, the Knox host is the referrer
and if it is on a different host than the Hue host then it does not
match. To handle this, HUE-8750 adds the Knox host to
Django's CSRF_TRUSTED_ORIGINS and the Knox host is typically configured
via Cloudera Manager. Unfortunately, in Cloud scenario, the external
Knox host name may be different then the internal Knox host name and the
check fails yet again. To handle this, we're adding a new setting that
adds '.cloudera.com' as a trusted host.
Change-Id: I6b51df89375176c3dce5d84026582d484abf5dc2
:100644 100644 33549e9f83... f0b90d8f21... M desktop/conf.dist/hue.ini
:100644 100644 5d602e8e1a... dbc1a8b4d3... M desktop/conf/pseudo-distributed.ini.tmpl
:100644 100644 c97297a507... 382852e706... M desktop/core/src/desktop/conf.py
:100644 100644 2c051c991e... 346fa8c11c... M desktop/core/src/desktop/middleware.py
:100644 100644 6714624bc7... 487a32d83a... M desktop/core/src/desktop/settings.py
