Project

Profile

Help

Issue #3413

"http" and "https" options in distribution have no effect

Added by Ichimonji10 over 2 years ago. Updated over 1 year ago.

Status:
CLOSED - WONTFIX
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Sprint 34
Quarter:

Description

Let's say I create a distribution by making an HTTP POST request to /api/v3/distributions/, with the following JSON body:

{
  "base_path": "my-base-path",
  "http": false,
  "https": false,
  "name": "distribution-name",
  "publication": "http://pulp-3.example.com:8000/api/v3/publications/publication-id/",
}

This will return a distribution:

{
  "_href": "http://pulp-3.example.com:8000/api/v3/distributions/distribution-name/",
  "base_path": "my-base-path",
  "base_url": "pulp-3.example.com:8000/content/my-base-path",
  "http": false,
  "https": false,
  "name": "distribution-name",
  "publication": "http://pulp-3.example.com:8000/api/v3/publications/publication-id/",
  "publisher": null,
  "repository": null
}

Furthermore, let's say that the publication at …/api/v3/publications/publication-id/ contains a file named 1.iso. At which URLs are this file available? None at all. Right? After all, both "http" and "https" are false. Unfortunately, one can still GET the files at the following URLs:

  • http://pulp-3.example.com:8000/content/my-base-path/1.iso
  • https://pulp-3.example.com:8000/content/my-base-path/1.iso

Related issues

Related to Pulp - Issue #3416: Pulp 3 Jenkins jobs use the development webserverCLOSED - WONTFIX<a title="Actions" class="icon-only icon-actions js-contextmenu" href="#">Actions</a>
Related to Pulp - Issue #3451: Remove http and https options on distributionsCLOSED - CURRENTRELEASE<a title="Actions" class="icon-only icon-actions js-contextmenu" href="#">Actions</a>

History

#1 Updated by Ichimonji10 over 2 years ago

  • Description updated (diff)

#2 Updated by daviddavis over 2 years ago

  • Project changed from File Support to Pulp

#3 Updated by dalley over 2 years ago

  • Sprint/Milestone set to 56
  • Triaged changed from No to Yes

#4 Updated by bmbouter over 2 years ago

  • Sprint set to Sprint 33

#5 Updated by bmbouter over 2 years ago

  • Sprint/Milestone deleted (56)

#6 Updated by dalley over 2 years ago

  • Related to Issue #3416: Pulp 3 Jenkins jobs use the development webserver added

#7 Updated by dkliban@redhat.com over 2 years ago

We should just remove the http and https properties from the Distribution model.

Pulp is not in the business of providing SSL encryption. Web servers should be used to enforce SSL connections.

#8 Updated by Ichimonji10 over 2 years ago

That solution would solve this issue. And from my personal experience in deploying web applications, shoveling that reponsibility onto a web server tends to work well.

#9 Updated by jortel@redhat.com over 2 years ago

The proposal to remove the http & https attributes for the MVP is fine. The plan was always to delegate the SSL responsibilities to an external web server. There was another use case that required the content app to enforce the permitted schemes but I don't remember what it was.

#10 Updated by jortel@redhat.com over 2 years ago

  • Sprint changed from Sprint 33 to Sprint 34

#11 Updated by daviddavis over 2 years ago

  • Related to Issue #3451: Remove http and https options on distributions added

#12 Updated by daviddavis over 2 years ago

  • Status changed from NEW to CLOSED - WONTFIX

Closing out in favor of https://pulp.plan.io/issues/3451

#13 Updated by daviddavis over 1 year ago

  • Sprint/Milestone set to 3.0.0

#14 Updated by bmbouter over 1 year ago

  • Tags deleted (Pulp 3)

Please register to edit this issue

Also available in: Atom PDF