Uploaded image for project: 'Hue'
  1. Hue
  2. HUE-9037

[core] Add .cloudera.com to trusted hosts for CSRF

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.5.0
    • Fix Version/s: 4.6.0
    • Component/s: core.api
    • Labels:
      None

      Description

      When using https, Django will look at "HTTP_REFERER" request header to see if it matches the current request's host when using unsafe (e.g. POST) requests. When using Hue via Knox, the Knox host is the referrer and if it is on a different host than the Hue host then it does not match. To handle this, HUE-8750 https://github.com/cloudera/hue/commit/175a2c7cc05670d4704cdcb5a7e780aaf01e4644

      adds the Knox host to Django's CSRF_TRUSTED_ORIGINS and the Knox host is typically configured via Cloudera Manager. Unfortunately, in Cloud scenario, the external Knox host name may be different then the internal Knox host name and the check fails yet again. To handle this, we're adding a new setting that adds '.cloudera.com' as a trusted host.

       

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jgauthier Jean Francois Desjeans Gauthier
                Reporter:
                jgauthier Jean Francois Desjeans Gauthier
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: