Openstack OSA Latest - Glance
Dmitriy Rabotyagov
noonedeadpunk at gmail.com
Fri May 6 12:12:41 UTC 2022
Hi Derek.
I believe that is the result of this change [1]. I can suggest adding
`haproxy_security_headers_csp_report_only: True` to your
user_variables.yml and re-running haproxy playbook.
That should disable failure when verification of CSP not passing.
At the same time I wonder why the issue has happened in the first
place. I can imagine that happening when you're trying to upload via
domain name while endpoints are set for IP only?
[1] https://opendev.org/openstack/openstack-ansible/commit/b6fe07ecf810ede06cd5007396fd5286937e6616
пт, 6 мая 2022 г. в 13:52, Derek O keeffe <derekokeeffe85 at yahoo.ie>:
>
> Hi all,
>
> Could any one tell me if they have come across this error (in the chrome console) while trying to create a new image in horizon:
>
> Refused to connect to 'https://10.37.110.104:9292/v2/images/3e553b60-0a6c-48a0-b855-60088839201e/file' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback
>
> If so, any advice? I can scp the image file to the utility container and upload it from there no problem. Also, journalctl -f on the glance container shows nothing when the process fails. We have set the internal and external lb vip addresses differently but both are on the same subnet (internal) as it's an in house deploy.
>
> So two addresses on the mgmt interface to be precise. Maybe that's causing an issue.
>
> Regards,
> Derek
More information about the openstack-discuss
mailing list