Bug 1447405 - Metrics API URL is blocked by uBlockOrigin browser extension
Summary: Metrics API URL is blocked by uBlockOrigin browser extension
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Management Console
Version: 3.5.1
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: ---
Assignee: Samuel Padgett
QA Contact: shahan
URL:
Whiteboard:
: 1430888 (view as bug list)
Depends On: 1430888 1446308
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-05-02 16:07 UTC by Matt Wringe
Modified: 2017-08-16 19:51 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Some browser ad blocking extensions such as uBlock Origin incorrectly blocked requests for metrics from Hawkular Metrics due to a false positive in its URL pattern matching. This would prevent metrics on the OpenShift web console overview from displaying. We've fixed the problem by changing the metrics URL so that it doesn't trigger the false positive. Metrics now display correctly on the web console overview.
Clone Of: 1446308
Environment:
Last Closed: 2017-08-10 05:21:25 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Simple Patch to update console to use the /m endpoint (681 bytes, patch)
2017-05-03 17:59 UTC, Matt Wringe 		no flags Details | Diff
pod page (78.07 KB, image/png)
2017-06-05 08:32 UTC, shahan 		no flags Details
overview page(AdBlocking is disabled) (84.36 KB, image/png)
2017-06-05 08:33 UTC, shahan 		no flags Details
overview page(AdBlocking is enabled) (81.84 KB, image/png)
2017-06-05 08:34 UTC, shahan 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2017:1716 0 normal SHIPPED_LIVE Red Hat OpenShift Container Platform 3.6 RPM Release Advisory 2017-08-10 09:02:50 UTC

Comment 1 Matt Wringe 2017-05-02 18:15:42 UTC 
This issue is to track the changes needed in the console.

Hawkular Metrics has provided an alias path for the endpoint in question.

With this change the blocked url '.../hawkular/metrics/metrics/...' can be changed to use the non-blocked url '.../hawkular/metrics/m/...'.

Note: the original endpoint is still available, we are just providing the '/m' endpoint to be available to get around the blocker.

The console will need to be updated to take advantage of this change, and since this is a backport for 3.5, a check will probably have to be done in the console code to see if it the '/m' endpoint is available in the Hawkular Metrics version which is running.
Comment 4 Samuel Padgett 2017-05-03 15:35:02 UTC 
(In reply to Matt Wringe from comment #1)
> Hawkular Metrics has provided an alias path for the endpoint in question.
> 
> With this change the blocked url '.../hawkular/metrics/metrics/...' can be
> changed to use the non-blocked url '.../hawkular/metrics/m/...'.

Matt, is this change already in a hawkular-metrics image I can test?
Comment 7 Matt Wringe 2017-05-03 17:59:46 UTC 
Created attachment 1275963 [details]
Simple Patch to update console to use the /m endpoint

This is a simple patch to updated the console to use the /m endpoint instead of the /metrics one.

Note: this doesn't do any check if the version its connecting to has the /m endpoint or not, which may not always be the case.
Comment 12 Samuel Padgett 2017-05-09 15:40:40 UTC 
Matt, how do we recommend we test for the /m endpoint? OPTIONS seems to return 200 OK for any URL, even ones that don't exist. HEAD is a bit slow (1 second response time). GET returns a lot of data. Is there an efficient way to discover if it's there?
Comment 13 openshift-github-bot 2017-05-10 15:54:45 UTC 
Commit pushed to master at https://github.com/openshift/origin-web-console

https://github.com/openshift/origin-web-console/commit/844a16d41df98e9876fb47b87852190c2f5b43a0
Bug 1447405 - Use Hawkular Metrics /m endpoint

Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1447405
Comment 14 Samuel Padgett 2017-05-11 10:59:26 UTC 
https://github.com/openshift/origin-web-console/pull/1531
Comment 17 shahan 2017-06-05 08:32:48 UTC 
Created attachment 1285000 [details]
pod page
Comment 18 shahan 2017-06-05 08:33:56 UTC 
Created attachment 1285001 [details]
overview page(AdBlocking is disabled)
Comment 19 shahan 2017-06-05 08:34:41 UTC 
Created attachment 1285002 [details]
overview page(AdBlocking is enabled)
Comment 20 shahan 2017-06-05 09:59:20 UTC 
Please ignore above comment, since I used the wrong version to verify the bug. Will verify this bug again, sorry for that.
Comment 21 shahan 2017-06-06 08:12:26 UTC 
 I checked this issue on OCP v3.6.95 test env, deploy metrics and installed uBlock Origin on my firefox & chrome.The result is I can see the metrics data on the pod & overview web page while AdBlocking is enabled.
Comment 22 Matt Wringe 2017-06-20 17:58:54 UTC 
*** Bug 1430888 has been marked as a duplicate of this bug. ***
Comment 24 errata-xmlrpc 2017-08-10 05:21:25 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1716
Note You need to log in before you can comment on or make changes to this bug.