diff options
author | Corentin LABBE <clabbe@baylibre.com> | 2018-07-30 09:44:57 +0200 |
---|---|---|
committer | Corentin LABBE <clabbe@baylibre.com> | 2018-07-30 09:44:57 +0200 |
commit | e2a93eae5955f294d4e37b7b653fb6fd86d72a61 (patch) | |
tree | d99765933a53ed2f10ce4ec2408fe9bf20acdb4e /lavalab-gen.py | |
parent | 61a473fb56ef7418314385df7b72cd58e40a2ff2 (diff) |
Fix login failure on https
When login on LAVA via https, a CSRF failure is done.
This is due to missing CSRF_TRUSTED_ORIGINS.
Diffstat (limited to 'lavalab-gen.py')
-rwxr-xr-x | lavalab-gen.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lavalab-gen.py b/lavalab-gen.py index 2d21fe7..597bd1a 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -68,6 +68,7 @@ template_settings_conf = string.Template(""" "HTTPS_XML_RPC": false, "LOGIN_URL": "/accounts/login/", "LOGIN_REDIRECT_URL": "/", + "CSRF_TRUSTED_ORIGINS": ["$lava_http_fqdn"], "CSRF_COOKIE_SECURE": $cookie_secure, "SESSION_COOKIE_SECURE": $session_cookie_secure } @@ -146,7 +147,7 @@ def main(): f_fqdn.write(lava_http_fqdn) f_fqdn.close() fsettings = open("%s/settings.conf" % workerdir, 'w') - fsettings.write(template_settings_conf.substitute(cookie_secure=cookie_secure, session_cookie_secure=session_cookie_secure)) + fsettings.write(template_settings_conf.substitute(cookie_secure=cookie_secure, session_cookie_secure=session_cookie_secure, lava_http_fqdn=lava_http_fqdn)) fsettings.close() master_use_zmq_auth = False if "zmq_auth" in worker: |