-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
server: redirect http to https in secure mode #5746
Conversation
LGTM however I do not see an explicit test for the http redirect itself. Probably doesn't matter too much since you're testing reachability both with and without. Reviewed 10 of 14 files at r1. resource/test_certs/README.md, line 24 [r1] (raw file): Comments from the review on Reviewable.io |
Yeah the default http client automagically follows redirects. Not sure it matters. Review status: 10 of 14 files reviewed at latest revision, 1 unresolved discussion. resource/test_certs/README.md, line 24 [r1] (raw file): Comments from the review on Reviewable.io |
Review status: 10 of 14 files reviewed at latest revision, 2 unresolved discussions. resource/test_certs/README.md, line 24 [r1] (raw file): server/server.go, line 298 [r1] (raw file): Comments from the review on Reviewable.io |
Review status: 10 of 14 files reviewed at latest revision, 2 unresolved discussions. server/server.go, line 298 [r1] (raw file): Should I just not redirect on GET? Leave a TODO? Use Comments from the review on Reviewable.io |
Review status: 10 of 14 files reviewed at latest revision, 2 unresolved discussions. server/server.go, line 298 [r1] (raw file): I would use 308 as a literal. Or, if you don't want to trust that, return a 400 error for non-GETs. Comments from the review on Reviewable.io |
Review status: 10 of 14 files reviewed at latest revision, 2 unresolved discussions. server/server.go, line 298 [r1] (raw file): Actually, why is 302 wrong for non-GETs? Seems like clients can follow the redirect with a GET or HEAD, which is better than getting a 400. Comments from the review on Reviewable.io |
@petermattis it's in the commit message, just not the PR description. |
@tamird Ok. I wish github would include all of the commit messages in the PR message. Reviewable does a better job at this, but I didn't click through to reviewable. |
Still need an lgtm on this one. |
Review status: 10 of 14 files reviewed at latest revision, 2 unresolved discussions. server/server.go, line 298 [r1] (raw file): 302 is bad for non-GETs because it can throw away the original request method and its body (depending on whether the client interprets 302 in the way that the spec says or the way browsers have always done it). There is no guarantee that the path will support both GET and POST (it's common in go's http server interface, but it's rare in some other frameworks). It's better to give a clear error rather than to do something different from what the user asked. Comments from the review on Reviewable.io |
Review status: 10 of 14 files reviewed at latest revision, 2 unresolved discussions. server/server.go, line 298 [r1] (raw file): Comments from the review on Reviewable.io |
Review status: 10 of 14 files reviewed at latest revision, 2 unresolved discussions. server/server.go, line 298 [r1] (raw file): I'd also be fine with using 301 for GET and 307 for non-GET. The permanent/temporary distinction matters less than the method preservation. Comments from the review on Reviewable.io |
Review status: 10 of 15 files reviewed at latest revision, 2 unresolved discussions. server/server.go, line 298 [r1] (raw file): Comments from the review on Reviewable.io |
LGTM Review status: 10 of 15 files reviewed at latest revision, 2 unresolved discussions. Comments from the review on Reviewable.io |
@petermattis @jseldess this isn't guaranteed to take care of the "TLS handshake" errors you're seeing - many of those are triggered by XHRs which don't honor redirects. Also, since client browsers do not trust our CA, a "TLS handshake" error (or two) will be generated on that first redirect when chrome kills the connection upon discovering the untrusted certificate. |
Thanks for the heads up, @tamird. Once this is merged, I'll retest our getting started steps and figure out if/how they should be updated. |
Still seeing "TLS handshake error" when switching cluster from insecure to secure with the admin ui up. I guess I'll just leave the docs as they are (suggesting to close the admin ui before restarting an insecure cluster as secure). |
Yes, that's what I meant by XHRs - if you have the admin UI up through a On Thu, Mar 31, 2016 at 10:02 PM, jseldess notifications@github.com wrote:
|
This change is