[talisman] Enforcing HTTP for status checks (apache#8214)

(cherry picked from commit 762edf4)
airbnb · Sep 13, 2019 · a7c0587 · a7c0587
1 parent 50cd558
commit a7c0587
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/superset/__init__.py b/superset/__init__.py
@@ -222,9 +222,11 @@ def is_feature_enabled(feature):
 if conf.get("ENABLE_FLASK_COMPRESS"):
     Compress(app)
 
+
+talisman = Talisman()
+
 if app.config["TALISMAN_ENABLED"]:
-    talisman_config = app.config.get("TALISMAN_CONFIG")
-    Talisman(app, **talisman_config)
+    talisman.init_app(app, **app.config["TALISMAN_CONFIG"])
 
 # Hook that provides administrators a handle on the Flask APP
 # after initialization

diff --git a/superset/views/core.py b/superset/views/core.py
@@ -62,6 +62,7 @@
     results_backend_use_msgpack,
     security_manager,
     sql_lab,
+    talisman,
     viz,
 )
 from superset.connectors.connector_registry import ConnectorRegistry
@@ -629,16 +630,19 @@ class DashboardAddView(DashboardModelView):  # noqa
 appbuilder.add_view_no_menu(DashboardAddView)
 
 
+@talisman(force_https=False)
 @app.route("/health")
 def health():
     return "OK"
 
 
+@talisman(force_https=False)
 @app.route("/healthcheck")
 def healthcheck():
     return "OK"
 
 
+@talisman(force_https=False)
 @app.route("/ping")
 def ping():
     return "OK"