Implement "CSRF_COOKIE_HTTPONLY" option support in horizon
The HttpOnly flag protects the session cookies from cross-site scripting.

Change-Id: Iec07b3b447051726ce218e5f31c8bf583731a90c
parent
34c3cd4adf
commit
64cf176bef
@ -14,7 +14,7 @@ apiVersion: v1
|
|||||||
appVersion: v1.0.0
|
appVersion: v1.0.0
|
||||||
description: OpenStack-Helm Horizon
|
description: OpenStack-Helm Horizon
|
||||||
name: horizon
|
name: horizon
|
||||||
version: 0.1.7
|
version: 0.1.8
|
||||||
home: https://docs.openstack.org/horizon/latest/
|
home: https://docs.openstack.org/horizon/latest/
|
||||||
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Horizon/OpenStack_Project_Horizon_vertical.png
|
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Horizon/OpenStack_Project_Horizon_vertical.png
|
||||||
sources:
|
sources:
|
||||||
|
@ -188,6 +188,7 @@ conf:
|
|||||||
keystone_default_domain: Default
|
keystone_default_domain: Default
|
||||||
disable_password_reveal: "True"
|
disable_password_reveal: "True"
|
||||||
csrf_cookie_secure: "False"
|
csrf_cookie_secure: "False"
|
||||||
|
csrf_cookie_httponly: "False"
|
||||||
enforce_password_check: "True"
|
enforce_password_check: "True"
|
||||||
# Set enable_pwd_validator to true to enforce password validator settings.
|
# Set enable_pwd_validator to true to enforce password validator settings.
|
||||||
enable_pwd_validator: false
|
enable_pwd_validator: false
|
||||||
@ -275,6 +276,7 @@ conf:
|
|||||||
# settings to better secure the cookies from security exploits
|
# settings to better secure the cookies from security exploits
|
||||||
USE_SSL = {{ .Values.conf.horizon.local_settings.config.use_ssl }}
|
USE_SSL = {{ .Values.conf.horizon.local_settings.config.use_ssl }}
|
||||||
CSRF_COOKIE_SECURE = {{ .Values.conf.horizon.local_settings.config.csrf_cookie_secure }}
|
CSRF_COOKIE_SECURE = {{ .Values.conf.horizon.local_settings.config.csrf_cookie_secure }}
|
||||||
|
CSRF_COOKIE_HTTPONLY = {{ .Values.conf.horizon.local_settings.config.csrf_cookie_httponly }}
|
||||||
SESSION_COOKIE_SECURE = {{ .Values.conf.horizon.local_settings.config.session_cookie_secure }}
|
SESSION_COOKIE_SECURE = {{ .Values.conf.horizon.local_settings.config.session_cookie_secure }}
|
||||||
|
|
||||||
SESSION_COOKIE_HTTPONLY = {{ .Values.conf.horizon.local_settings.config.session_cookie_httponly }}
|
SESSION_COOKIE_HTTPONLY = {{ .Values.conf.horizon.local_settings.config.session_cookie_httponly }}
|
||||||
|
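Review bot: The new `csrf_cookie_httponly` key in the `@ -188,6 +188,7 @@ conf:` hunk ships as `"False"` and carries no comment, so a default deployment does not get the flag and an operator has no hint what enabling it changes. I would add above it `# Set to "True" to mark the CSRF cookie HttpOnly; scripts in the page can then no longer read the token from the cookie.` Django's documentation describes this setting as offering little practical protection and says JavaScript that sends the token with AJAX requests must then take it from a hidden form input instead of the cookie, so Horizon's JavaScript-driven panels should be checked wherever this is enabled, including the later override section that sets it to `"True"`. The value is rendered unquoted by the `CSRF_COOKIE_HTTPONLY = {{ … }}` line in the second hunk, so it must stay the string `"True"` or `"False"`; a YAML boolean would presumably render as lowercase `true`, which Python does not accept.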
@ -73,6 +73,7 @@ conf:
|
|||||||
config:
|
config:
|
||||||
use_ssl: "True"
|
use_ssl: "True"
|
||||||
csrf_cookie_secure: "True"
|
csrf_cookie_secure: "True"
|
||||||
|
csrf_cookie_httponly: "True"
|
||||||
enforce_password_check: "True"
|
enforce_password_check: "True"
|
||||||
session_cookie_secure: "True"
|
session_cookie_secure: "True"
|
||||||
session_cookie_httponly: "True"
|
session_cookie_httponly: "True"
|
||||||
|
@ -8,4 +8,5 @@ horizon:
|
|||||||
- 0.1.5 Revert - Change Issuer to ClusterIssuer
|
- 0.1.5 Revert - Change Issuer to ClusterIssuer
|
||||||
- 0.1.6 Change Issuer to ClusterIssuer
|
- 0.1.6 Change Issuer to ClusterIssuer
|
||||||
- 0.1.7 Update glance default policy values
|
- 0.1.7 Update glance default policy values
|
||||||
|
- 0.1.8 Implement "CSRF_COOKIE_HTTPONLY" option support in horizon
|
||||||
...
|
...
|
||||||
|