Bug 2237376

Summary: [IBM] [Ceph Dashboard]: Allow CORS for an unauthorized access
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Nizamudeen <nia>
Component: Ceph-DashboardAssignee: Nizamudeen <nia>
Status: CLOSED ERRATA QA Contact: Sayalee <saraut>
Severity: high Docs Contact: Akash Raj <akraj>
Priority: unspecified    
Version: 5.3CC: akraj, ceph-eng-bugs, cephqe-warriors, nizamudeena, tserlin, vereddy
Target Milestone: ---   
Target Release: 6.1z2   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ceph-17.2.6-131.el9cp Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-10-12 16:34:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2235257    

Description Nizamudeen 2023-09-05 07:30:04 UTC 
This bug was initially created as a copy of Bug #2235563

I am copying this bug because: I need to deliver this fix in 6.1z2 as well



Description of problem:
Try to access the dashboard api from a different origin with an invalid token and see that there is no Access-Control-Allow-Origin header set in the response header. This is needed for the IBM SI to catch error like 401 on their code.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 RHEL Program Management 2023-09-05 07:30:15 UTC 
Please specify the severity of this bug. Severity is defined here:
https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity.
Comment 10 errata-xmlrpc 2023-10-12 16:34:37 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Red Hat Ceph Storage 6.1 security, enhancement, and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:5693
Comment 11 Red Hat Bugzilla 2024-03-03 04:25:23 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days