-
Epic
-
Resolution: Done
-
Normal
-
None
-
None
-
Fix httpd RequestHeader setting X-Forwarded-Proto for non tls deployment
-
3
-
False
-
-
False
-
Not Selected
-
Proposed
-
No Docs Impact
-
To Do
-
openstack-operator-bundle-container-1.0.6-5
-
Proposed
-
Proposed
-
0% To Do, 0% In Progress, 100% Done
-
Release Note Not Required
-
Regression Only
-
-
-
Moderate
Service operators deploying httpd container are not setting RequestHeader X-Forwarded-Proto setting for non tls deployments, which results into response containing https urls even with tls disabled.
Some operators hard code it to https and others like neutron had it conditionally set but it was not honoring tls.ingress=true so was setting it to "http".
It should be set similar to below to work with both ocp route and LoadBalancer:-
{{- if $vhost.TLS }}
RequestHeader setIfEmpty X-Forwarded-Proto "https"
{{- else }}
RequestHeader setIfEmpty X-Forwarded-Proto "http"
{{- end }}
- is cloned by
-
-
- Closed
-
-
-
- Closed
-
