Opened 4 years ago

Closed 4 years ago

#3181 closed defect (fixed)

allowed_origins default config does not work

Reported by: tardyp Owned by:
Priority: blocker Milestone: 0.9.0
Version: master Keywords:


This is a recurrent issue for nine newcommers.

Our XSS protection has no good enough default, and will refuse by default any incoming force build requests

people are required to add 'allowed_origins':*? to their cwww?

Change History (2)

comment:1 Changed 4 years ago by tardyp

actually the problem was a configuration issue with

cbuildbotURL? = 'http://localhost:8010/' and cwww? = {'port': 8020}

We need to make it clearer in the UI when the buildbotURL is missconfigured

comment:2 Changed 4 years ago by tardyp

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.