External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-16 13:57:39 -02:30
Code Issues Packages Projects Releases Wiki Activity

Added CSRF Origin in settings (#14062)

Browse Source
This commit is contained in:
John Westcott IV
2023-07-05 15:18:23 -04:00
committed by GitHub
parent 4a34ee1f1e
commit 5e9d514e5e
9 changed files with 56 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
awx/ui/src/screens/Setting/MiscSystem/MiscSystemDetail/MiscSystemDetail.js
View File

@@ -59,6 +59,7 @@ function MiscSystemDetail() {
'TOWER_URL_BASE',
'DEFAULT_EXECUTION_ENVIRONMENT',
'PROXY_IP_ALLOWED_LIST',
'CSRF_TRUSTED_ORIGINS',
'AUTOMATION_ANALYTICS_LAST_GATHER',
'AUTOMATION_ANALYTICS_LAST_ENTRIES',
'UI_NEXT'

1
awx/ui/src/screens/Setting/MiscSystem/MiscSystemDetail/MiscSystemDetail.test.js
View File

@@ -29,6 +29,7 @@ describe('<MiscSystemDetail />', () => {
TOWER_URL_BASE: 'https://towerhost',
REMOTE_HOST_HEADERS: [],
PROXY_IP_ALLOWED_LIST: [],
CSRF_TRUSTED_ORIGINS: [],
LICENSE: null,
REDHAT_USERNAME: 'name1',
REDHAT_PASSWORD: '$encrypted$',

7
awx/ui/src/screens/Setting/MiscSystem/MiscSystemEdit/MiscSystemEdit.js
View File

@@ -53,6 +53,7 @@ function MiscSystemEdit() {
'TOWER_URL_BASE',
'DEFAULT_EXECUTION_ENVIRONMENT',
'PROXY_IP_ALLOWED_LIST',
'CSRF_TRUSTED_ORIGINS',
'UI_NEXT'
);
@@ -95,6 +96,7 @@ function MiscSystemEdit() {
await submitForm({
...form,
PROXY_IP_ALLOWED_LIST: formatJson(form.PROXY_IP_ALLOWED_LIST),
CSRF_TRUSTED_ORIGINS: formatJson(form.CSRF_TRUSTED_ORIGINS),
REMOTE_HOST_HEADERS: formatJson(form.REMOTE_HOST_HEADERS),
DEFAULT_EXECUTION_ENVIRONMENT:
form.DEFAULT_EXECUTION_ENVIRONMENT?.id || null,
@@ -239,6 +241,11 @@ function MiscSystemEdit() {
config={system.PROXY_IP_ALLOWED_LIST}
isRequired
/>
<ObjectField
name="CSRF_TRUSTED_ORIGINS"
config={system.CSRF_TRUSTED_ORIGINS}
isRequired
/>
{submitError && <FormSubmitError error={submitError} />}
{revertError && <FormSubmitError error={revertError} />}
</FormColumnLayout>

1
awx/ui/src/screens/Setting/MiscSystem/MiscSystemEdit/MiscSystemEdit.test.js
View File

@@ -39,6 +39,7 @@ const systemData = {
REMOTE_HOST_HEADERS: ['REMOTE_ADDR', 'REMOTE_HOST'],
TOWER_URL_BASE: 'https://localhost:3000',
PROXY_IP_ALLOWED_LIST: [],
CSRF_TRUSTED_ORIGINS: [],
UI_NEXT: false,
};

25
awx/ui/src/screens/Setting/shared/data.allSettingOptions.json
View File

@@ -78,6 +78,20 @@
"read_only": false
}
},
"CSRF_TRUSTED_ORIGINS": {
"type": "list",
"required": true,
"label": "CSRF Origins List",
"help_text": "If the service is behind a reverse proxy/load balancer, use this setting to configure the schema://addresses from which the service should trust Origin header values. ",
"category": "System",
"category_slug": "system",
"default": [],
"child": {
"type": "string",
"required": true,
"read_only": false
}
},
"REDHAT_USERNAME": {
"type": "string",
"required": false,
@@ -4487,6 +4501,17 @@
"type": "string"
}
},
"CSRF_TRUSTED_ORIGINS": {
"type": "list",
"label": "CSRF Origins List",
"help_text": "If the service is behind a reverse proxy/load balancer, use this setting to configure the schema://addresses from which the service should trust Origin header values. ",
"category": "System",
"category_slug": "system",
"defined_in_file": false,
"child": {
"type": "string"
}
},
"LICENSE": {
"type": "nested object",
"label": "License",

1
awx/ui/src/screens/Setting/shared/data.allSettings.json
View File

@@ -9,6 +9,7 @@
"REMOTE_HOST"
],
"PROXY_IP_ALLOWED_LIST": [],
"CSRF_TRUSTED_ORIGINS": [],
"LICENSE": {},
"REDHAT_USERNAME": "",
"REDHAT_PASSWORD": "",