diff options
author | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2016-10-10 09:46:14 +0300 |
---|---|---|
committer | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2016-10-10 09:46:14 +0300 |
commit | 6ad6ca33e73686437098c3eec3d35efec0dd03ac (patch) | |
tree | 35ab533a9cfbd507e0e06f9bc932fda807a23c25 /etc | |
parent | 53aca307bf6b6112b6a7e934746ba6f290c6435c (diff) | |
download | heat-6ad6ca33e73686437098c3eec3d35efec0dd03ac.tar.gz |
Add http_proxy_to_wsgi middleware to Heat CFN endpoint
This was already used in the API endpoint, but it's also needed in
the CFN endpoint. It's purpose is to process the X-Forwarded-Proto
header (or Proxy protocol if used) and set the protocol as directed
to https if done so. It's only needed if Heat is behind a TLS proxy
(such as HAProxy) and is also disabled by default.
Change-Id: Ibd81e1cf6bc1e3f63728b485e295478afa7f573c
Closes-Bug: #1590608
Diffstat (limited to 'etc')
-rw-r--r-- | etc/heat/api-paste.ini | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/heat/api-paste.ini b/etc/heat/api-paste.ini index 5ea89b5ae..b1068efd8 100644 --- a/etc/heat/api-paste.ini +++ b/etc/heat/api-paste.ini @@ -24,12 +24,12 @@ pipeline = cors request_id faultwrap versionnegotiation context custombackendaut # heat-api-cfn pipeline [pipeline:heat-api-cfn] -pipeline = cors cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app +pipeline = cors http_proxy_to_wsgi cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app # heat-api-cfn pipeline for standalone heat # relies exclusively on authenticating with ec2 signed requests [pipeline:heat-api-cfn-standalone] -pipeline = cors cfnversionnegotiation ec2authtoken context apicfnv1app +pipeline = cors http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app # heat-api-cloudwatch pipeline [pipeline:heat-api-cloudwatch] |