summaryrefslogtreecommitdiff
path: root/oslo_middleware
Commit message (Collapse)AuthorAgeFilesLines
* Document security considerations for detailed healthcheckBen Nemec2018-10-051-1/+5
| | | | | | | | | The detailed healthcheck output includes some potentially sensitive information like stack traces of the service. This may be unacceptable in some organizations and we should point it out in the help for the option. Change-Id: Ic10c29f39ef601e4c7873acb0d56e1ec8e4ebcb3
* Remove moxstubout usageChuck Short2018-08-211-5/+2
| | | | | | | | As of version 3.5.0 moxstub will be deprecated, so remove it where it has been used. Change-Id: Ic98f3035fd9dff165259e3d194ab5eea11469169 Signed-off-by: Chuck Short <chucks@redhat.com>
* Imported Translations from Zanata3.35.0OpenStack Proposal Bot2018-03-011-6/+6
| | | | | | | For more information about this automatic import see: https://docs.openstack.org/i18n/latest/reviewing-translation-import.html Change-Id: I633afcf1828de3c0dae91beb466b09a3cafe106e
* Merge "Remove method set_latent"3.32.1Jenkins2017-09-252-190/+3
|\
| * Remove method set_latentChangBo Guo(gcb)2017-08-212-190/+3
| | | | | | | | | | | | | | | | | | | | | | Method set_latent is deprecated in favor of method set_defaults in e9c3a23e845d8c53b266a3b2e4ca7fb0a5a0425a, we don't use this method in any project, it's safe to remove it now. Closes-Bug: #1659051 Closes-Bug: #1642008 Change-Id: Ic7f0c3801f42ebafda81a1fa0b02bde6d15b545d
* | Remove Class HTTPProxyToWSGIMiddlewarechenghuiyu2017-09-042-10/+2
| | | | | | | | | | | | | | | | Class HTTPProxyToWSGIMiddleware was no longer necessary in new release, and it was deprecated for removal. Change-Id: Id442cc216723dbe875f817c91d90d258f1bb2db6 Closes-Bug: #1714860
* | Imported Translations from Zanata3.31.0OpenStack Proposal Bot2017-08-243-81/+0
| | | | | | | | | | | | | | For more information about this automatic import see: https://docs.openstack.org/i18n/latest/reviewing-translation-import.html Change-Id: I0e00c208ae201a2ea0fb380e54d7b6d739fdc2ad
* | Invalid parsing of Forwarded header fixedAdam Kijak2017-08-212-1/+13
|/ | | | | | | | _parse_rfc7239_header() did not parse properly a Forwarded header with additional spaces Closes-Bug: #1711573 Change-Id: Ic8b7f9698d7b3440005b17d249b1c8f0f66dae8a
* Fix exception in json response under py35Yujun Zhang2017-07-312-0/+9
| | | | | | | charset is required when response with body Closes-Bug: #1707127 Change-Id: I9921c67866d252f972954eed5afbc90389e06c3f
* Update URLs in documents according to document migration3.30.0ChangBo Guo(gcb)2017-07-121-1/+1
| | | | Change-Id: Ie988ab85d74f314a3c0ecc0f86ddd9dc48ab2305
* Merge "Replace deprecated inspect function in Python 3"3.29.2Jenkins2017-07-051-2/+8
|\
| * Replace deprecated inspect function in Python 3Samuel de Medeiros Queiroz2017-06-271-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Replace deprecated inspect.getargspec [1] with inspect.getfullargspec [2], which is not deprecated in Python 3.x inspect.getargspec is kept for Python 2.x, as the new function is not available for it. This was causing keystone unit tests output to be flooded with deprecation warnings [3] [1] https://docs.python.org/3/library/inspect.html#inspect.getargspec [2] https://docs.python.org/3/library/inspect.html#inspect.getfullargspec [3] http://logs.openstack.org/43/474543/3/check/gate-keystone-python35/ae16a96/console.html.gz#_2017-06-15_22_15_16_925141 Change-Id: Ia37ac562122d6315be1ce1277a6753a9caf15998
* | Remove deprecated oslo.subdomain from CORS optsSamuel de Medeiros Queiroz2017-06-191-1/+0
|/ | | | | | | | | | | | | | Defining configuration under cors.* blocks is deprecated. However, we advertise [cors.subdomain] as a CORS section, and still throw a warning if that section (that we list) is used in config files. This was causing warnings in the keystone unit tests output, since the generated config file does contain both of those listed sections [2]. [1] https://github.com/openstack/oslo.middleware/blob/master/oslo_middleware/cors.py#L200-L205 [2] https://github.com/openstack/keystone/blob/master/etc/keystone.conf.sample#L587-L616 Change-Id: Ice114bf1fdceda7bf122f5fd6b98fc88a85c8ff3
* Remove usage of parameter enforce_typeChangBo Guo(gcb)2017-05-314-9/+5
| | | | | | | | | We deprecate and change parameter enforce_type's default value to True[1], and will remove it int the future, so don't need it anymore. [1] https://review.openstack.org/328692 Change-Id: I243444f53e14543c5e4ae4c40d9582fb2d17e155
* Set global_request_id if passed in as X-OpenStack-Request-ID.Sean Dague2017-05-232-0/+57
| | | | | | | | If an inbound header that validates against the regex ``req-$uuid`` is passed in, we'll set it where oslo.context could later read it. This creates a mechanism for parents to pass their request-id to children. Change-Id: I5c5268e8680392395fbe04efe0124575ad8db468
* Allow compatibility headers for request_idSean Dague2017-05-232-2/+38
| | | | | | | | | | | | We discovered that Nova is using a local version of the request_id header code because it's x-compute-request-id predates x-openstack-request-id, and things were never migrated after the oslo code was extracted. In order to let Nova use the base code (which may become more complicated with inbound request-id setting) we need to support a compat headers field, which is additional http header names that should be set with the request-id value. Change-Id: I18a92f8bf2f85fcf30d32be68bae58f64b135df0
* Fix test_request_too_large_no_content_length failureChangBo Guo(gcb)2017-04-132-7/+1
| | | | | | | | | | | | | | | | Webob >=1.7.0 change its way to check if body is readable [1], The is_body_readable() method returns False now. request.content_length will be set when set request.body automatically, and if request.context_length is None request.body will return returns b''.[3] So just set request.body in test. [1] https://github.com/Pylons/webob/commit/0e6fcbfbc58af6fdd4e125543bf8f5fb91b984c6 [2] https://github.com/Pylons/webob/blame/master/webob/request.py#L699 [3] https://github.com/Pylons/webob/blame/master/webob/request.py#L692 Closes-Bug: #1679658 Change-Id: I4e0932dd8664d96b2733c5d3b1fa846af0c7d132
* Remove log translations3.25.0lioplhp2017-03-283-19/+7
| | | | | | | | | | | | | Log messages are no longer being translated. This removes all use of the _LE, _LI, and _LW translation markers to simplify logging and to avoid confusion with new contributions. See: http://lists.openstack.org/pipermail/openstack-i18n/2016-November/002574.html http://lists.openstack.org/pipermail/openstack-dev/2017-March/113365.html Change-Id: I797b5f0374d6f8ca1cb4641246cab414aa5466dd
* pbr.version.VersionInfo needs package name (oslo.xyz and not oslo_xyz)Davanum Srinivas2017-02-061-1/+1
| | | | | | | | | | | | We need to pass into VersionInfo what one would expect from running: setup.py --name Right now we pass in say oslo_context and pbr fails if there is no .git in the python source tree Closes-Bug: #1662266 Change-Id: Ia1495af62a02410607c27f443af59dc20b052072
* Filter token data out of catch_errors middleware3.23.1Jamie Lennox2017-01-262-3/+30
| | | | | | | | | If an exception is caught by the catch_errors middleware the entire request is dumped into the log including sensitive information like tokens. Filter that information before outputting the failed request. Closes-Bug: #1628031 Change-Id: I2563403993513c37751576223275350cac2e0937
* Merge "remove superfluous random stuff"3.23.0Jenkins2017-01-171-27/+12
|\
| * remove superfluous random stuffDoug Hellmann2017-01-161-27/+12
| | | | | | | | | | Change-Id: Idb5ae55971e7f76348c224b1bea5c5e19c6278e0 Signed-off-by: Doug Hellmann <doug@doughellmann.com>
* | Merge "Add new middleware to send API data to statsd"Jenkins2017-01-172-0/+288
|\ \ | |/
| * Add new middleware to send API data to statsdJulian Edwards2017-01-042-0/+288
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The new StatsMiddleware is a Paste filter that examines the URL path and request method, and sends a stat count and a timer to a statsd host whose name is based on the path/method. If your statsd is configured to send stats to Graphite, you'll end up with stat names of the form: timer.<appname>.<METHOD>.<path>.<from>.<url> Because a dot has special meaning in Graphite, dots in API versions that appear in the path will be replaced with _, so for example v2.1 becomes v2_1, and v1.0 becomes v1_0. Change-Id: Ieaffeded1bf81c0782d88f49b6f5209f11744899
* | Merge "Replaces uuid.uuid4 with uuidutils.generate_uuid()"Jenkins2017-01-051-2/+2
|\ \
| * | Replaces uuid.uuid4 with uuidutils.generate_uuid()zhangguoqing2016-12-071-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Openstack common has a wrapper for generating uuids. We should use that function when generating uuids for consistency. Change-Id: I50cd018b490dea341e6bcfb3034a0244194b4d99 Closes-Bug: #1082248
* | | Replace six.iteritems() with .items()gengchc22016-12-091-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1.As mentioned in [1], we should avoid using six.iteritems to achieve iterators. We can use dict.items instead, as it will return iterators in PY3 as well. And dict.items/keys will more readable. 2.In py2, the performance about list should be negligible, see the link [2]. [1] https://wiki.openstack.org/wiki/Python3 [2] http://lists.openstack.org/pipermail/openstack-dev/2015-June/066391.html Change-Id: Ieb7b8a62ef5b8fae79fa41861ad3910ecad988c8
* | | Merge "Filter X-Auth-Token in catch_errors"Jenkins2016-12-072-0/+5
|\ \ \ | |/ / |/| |
| * | Filter X-Auth-Token in catch_errorsJiaJunsu2016-11-302-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | If X-Auth-Token is logged in files, it may be caught by attackers. This patch tries to replace token-id by * in log files. Change-Id: Icf0cd9d4da37575d79a0da94ade979793ad0d3fa Closes-Bug:#1646254
* | | Transform healthcheck from filter to an application3.22.0Julien Danjou2016-12-012-17/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The healthcheck middleware has actually wrongly been designed as a filter, whereas it is its own application. This patch fixes that by exporting the healthcheck middleware as an application, while keeping the old behaviour for compatibility with existing deployment. Change-Id: I1ff43c71449f1955267faf6a85f4d70f705db097
* | | Merge "Suggest to use egg based filter_factory rather than fragile full path"Jenkins2016-12-011-3/+3
|\ \ \ | |/ / |/| |
| * | Suggest to use egg based filter_factory rather than fragile full pathJulien Danjou2016-11-291-3/+3
| | | | | | | | | | | | | | | | | | This makes sure that if the module organization change, nothing breaks. Change-Id: Ib4fb1e2210a9cea6b12214e0d1e3570086ac2e68
* | | Merge "Document how to use detailed mode in healthcheck"3.21.0Jenkins2016-11-291-0/+4
|\ \ \ | |/ / |/| |
| * | Document how to use detailed mode in healthcheckMatt Fischer2016-11-281-0/+4
| | | | | | | | | | | | | | | | | | | | | The detailed mode is referenced in the documenation but it is never explained how to enable it. This exposes it in the docs. Change-Id: I136669a7dd0e6e0d293a9b9ea1b685de82404e2b
* | | Remove self-referential link in docsMatt Fischer2016-11-281-3/+0
|/ / | | | | | | | | | | | | | | The link in this file points to the same page that hosts the content. You can see this here: http://docs.openstack.org/developer/oslo.middleware/healthcheck_plugins.html Change-Id: I9645917f8f6d1a586d66ad1a6dddda20f949aeb6
* | Allow healthcheck to be configured by oslo.configJamie Lennox2016-11-026-26/+127
| | | | | | | | | | | | | | | | | | | | | | | | | | It is standard practice in oslo.middleware to allow configuration via both the paste file and the oslo.config file. Projects such as keystone don't allow shipping default configuration in the paste.ini files. Use the configuration methods provided by the existing base middleware to allow configuing via oslo.config and register the sample options available for the middleware. Closes-Bug: #1634329 Change-Id: I33b7b1f9d945280265eb3b712cb85a2d66616c17
* | Merge "Replace 'assertEqual(None, ...)' with 'assertIsNone(...)'"Jenkins2016-11-011-3/+3
|\ \
| * | Replace 'assertEqual(None, ...)' with 'assertIsNone(...)'howardlee2016-11-011-3/+3
| | | | | | | | | | | | | | | | | | TrivialFix Change-Id: I15aaf281a1f830b88b372124ffe92e4d77bd8fed
* | | TrivialFix: Remove default=None when set value in Configmelissaml2016-10-191-1/+0
|/ / | | | | | | | | | | | | | | | | By default oslo.cfg sets the default values as None [1], There is no need to explicitly do this. [1] https://github.com/openstack/oslo.config/blob/master/oslo_config/cfg.py#L829 Change-Id: Ia91d058a2ba434755ff77fc3162c046fbf0776fd
* | Merge "Limit ssl deprecation warning to external importers"3.20.0Jenkins2016-10-171-4/+1
|\ \
| * | Limit ssl deprecation warning to external importersHenry Gessau2016-10-171-4/+1
| | | | | | | | | | | | | | | | | | Closes-Bug: #1629671 Change-Id: I946ee89d9f078e2a766a2b0c89141d067c483cfa
* | | Merge "Deprecated set_latent"Jenkins2016-10-171-0/+4
|\ \ \ | |/ / |/| |
| * | Deprecated set_latentMichael Krotscheck2016-05-051-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With the introduction of set_defaults, as well as new documentation features for default values in oslo_config, the CORS middleware has been placed in the odd position where its configuration behaves inconsistently. A user may use set_defaults to set persisted default values that may be overridden, or they may use set_latent to add values that will be applied to every request. As both of these serve essentially the same function, and the latter is only necessary if it is feasible to configure multiple allowed_origins with different CORS properties. With the depecation of multiple configuration blocks, it is no longer necessary to maintain this feature. Therefore, this patch adds the necessary deprecation flags, and removes it from the documentation. Change-Id: Icd44684b3d05ff6a07665348c08adff8245f2523
* | | Merge "Add reno for release notes management"Jenkins2016-10-131-0/+18
|\ \ \
| * | | Add reno for release notes managementKirill Bespalov2016-06-301-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | An initial patch to add reno and create a base directory for release notes Change-Id: I2fa27beb5d7e2c898ce567dce2add00ccdb54afe
* | | | make sure we handle the forwarded for headersGuang Yee2016-09-082-0/+31
| |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The X-Forwarded-For header or the "for=" component in the Forwarded header (per RFC 7239) is essential for applications to keep track of the originating peer IP. CADF auditing, for example, is relying on REMOTE_ADDR to accurating keeping track of the real client address. If either headers are present, the REMOTE_ADDR WSGI request environment variable will be replaced by the forwarded for address. The Forwarded header have precedence over the X-Forwarded-For header. Change-Id: Ib690e3274cd00d8cfa8a15d341ac433555495ce6
* | | Merge "Show more healthcheck examples"Jenkins2016-08-291-25/+178
|\ \ \
| * | | Show more healthcheck examplesJoshua Harlow2016-08-231-25/+178
| | | | | | | | | | | | | | | | Change-Id: I164b192f85ee9232a92ad7a5e99a3af647813dc8
* | | | Merge "Remove pot files"3.19.0Jenkins2016-08-242-50/+0
|\ \ \ \
| * | | | Remove pot filesAndreas Jaeger2016-08-242-50/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We do not store pot files anymore in repositories, instead they are published at http://tarballs.openstack.org/translation-source/oslo.middleware/master/ after each commit and thus always accurate. Remove these outdated and obsoleted files. Change-Id: I3af3a1f4d73fac1505c32de82bffc48a376eeecd