yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #33090
[Bug 1458498] [NEW] Authenticated URLs not accepted when Launching stacks
Public bug reported:
When trying to launch a new heat stack from horizon using URL input, the input validation seemingly only accepts a standard URL (e.g. https://domain.com/path/to/template.yaml).
However, if a URL contains login credentials (e.g. https://user:password@xxxxxxxxxx/path/to/template.yaml), the input validation throws "Enter a valid URL". The URL is valid and can be curl'd etc, and while passing credentials like that may not be the safest, in an isolated network it is sometimes done.
Horizon shouldn't prevent these types of URLs being entered.
** Affects: horizon
Importance: Undecided
Status: New
** Tags: heat
** Description changed:
- If trying to launch a new heat stack from horizon, using URL input, the input validation seemingly only accepts a standard URL (e.g. https://domain.com/path/to/template.yaml).
+ When trying to launch a new heat stack from horizon using URL input, the input validation seemingly only accepts a standard URL (e.g. https://domain.com/path/to/template.yaml).
However, if a URL contains login credentials (e.g. https://user:password@xxxxxxxxxx/path/to/template.yaml), the input validation throws "Enter a valid URL". The URL is valid and can be curl'd etc, and while passing credentials like that may not be the safest, in an isolated network it is sometimes done.
Horizon shouldn't prevent these types of URLs being entered.
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1458498
Title:
Authenticated URLs not accepted when Launching stacks
Status in OpenStack Dashboard (Horizon):
New
Bug description:
When trying to launch a new heat stack from horizon using URL input, the input validation seemingly only accepts a standard URL (e.g. https://domain.com/path/to/template.yaml).
However, if a URL contains login credentials (e.g. https://user:password@xxxxxxxxxx/path/to/template.yaml), the input validation throws "Enter a valid URL". The URL is valid and can be curl'd etc, and while passing credentials like that may not be the safest, in an isolated network it is sometimes done.
Horizon shouldn't prevent these types of URLs being entered.
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1458498/+subscriptions
Follow ups
References