2235563 – [IBM] [Ceph Dashboard]: Allow CORS for an unauthorized access

Bug 2235563 - [IBM] [Ceph Dashboard]: Allow CORS for an unauthorized access

Summary: [IBM] [Ceph Dashboard]: Allow CORS for an unauthorized access

Keywords:
Status:	VERIFIED
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	Ceph-Dashboard
Sub Component:
Version:	5.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	5.3z6
Assignee:	Nizamudeen
QA Contact:	Sayalee
Docs Contact:	Anjana Suparna Sriram
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2023-08-29 04:56 UTC by Nizamudeen
Modified:	2025-05-30 10:04 UTC (History)
CC List:	6 users (show)
Fixed In Version:	ceph-16.2.10-218.el8cp
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	ceph ceph pull 53171	None	Merged	mgr/dashboard: set CORS header for unauthorized access	2023-08-29 05:00:06 UTC
Red Hat Issue Tracker	RHCEPH-7277	None	None	None	2023-08-31 05:17:49 UTC
Red Hat Issue Tracker	RHCSDASH-1069	None	None	None	2023-08-29 05:03:40 UTC

Description Nizamudeen 2023-08-29 04:56:06 UTC

Description of problem:
Try to access the dashboard api from a different origin with an invalid token and see that there is no Access-Control-Allow-Origin header set in the response header. This is needed for the IBM SI to catch error like 401 on their code.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 RHEL Program Management 2023-08-29 04:56:16 UTC

Please specify the severity of this bug. Severity is defined here:
https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity.

Note You need to log in before you can comment on or make changes to this bug.