Closed
Bug 1370311
Opened 7 years ago
Closed 7 years ago
Treestatus CORS header is no longer a wildcard, blocking Treeherder
Categories
(Release Engineering :: General, defect)
Release Engineering
General
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: KWierso, Assigned: garbas)
Details
If you load https://treeherder.mozilla.org/#/jobs?repo=mozilla-esr45&fromchange=d9d4374f89440e9449e5a2c1e2fe261551bbea71&filter-resultStatus=testfailed&filter-resultStatus=busted&filter-resultStatus=exception&filter-classifiedState=unclassified The Treestatus icon in the header will show as '?'. And the reason shown in the dropdown is "Error reaching api.pub.build.mozilla.org/treestatus". Looking in the network monitor, requests go out to https://treestatus.mozilla-releng.net/trees/mozilla-esr45 which responds with > result: { message_of_the_day: "", reason: "", status: "approval required", tree: "mozilla-esr45" } I'm also seeing CORS issues logged to the console: Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://treestatus.mozilla-releng.net/trees/mozilla-esr45. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Maybe related: bug 1353753 ?
Comment 1•7 years ago
|
||
Looks the wildcard has been removed from the CORS header, and now only `https://mozilla-releng.net` whitelisted: $ curl -IL https://treestatus.mozilla-releng.net/trees/mozilla-esr45 HTTP/1.1 200 OK Connection: keep-alive Server: gunicorn/19.7.1 Date: Mon, 05 Jun 2017 18:35:25 GMT Content-Type: application/json Content-Length: 133 Access-Control-Allow-Origin: https://mozilla-releng.net X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Content-Security-Policy: style-src 'self' 'unsafe-inline'; connect-src 'self'; script-src 'self' 'unsafe-inline'; default-src 'none'; img-src 'self' X-Content-Security-Policy: style-src 'self' 'unsafe-inline'; connect-src 'self'; script-src 'self' 'unsafe-inline'; default-src 'none'; img-src 'self' Via: 1.1 vegur
Component: Treeherder → TreeStatus
Flags: needinfo?(rgarbas)
Product: Tree Management → Release Engineering
QA Contact: catlee
Updated•7 years ago
|
Summary: Treestatus is showing as '?' for all trees. → Treestatus CORS header doesn't allow Treeherder
Assignee | ||
Updated•7 years ago
|
Assignee: nobody → rgarbas
Flags: needinfo?(rgarbas)
Assignee | ||
Comment 2•7 years ago
|
||
as explained in [github comment](https://github.com/mozilla-releng/services/issues/366#issuecomment-306467029) I've added https://treeherder.mozilla.org to CORS_ORIGINS and restarted releng treestatus heroku app. I can confirm that https://treeherder.mozilla.com is now working correctly. Please reopen if this is not the case.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Comment 3•7 years ago
|
||
Thank you for adjusting the header. However we still really need the wildcard header, otherwise it breaks Treeherder stage/prototype/local development and any other webapps that read the API. In the future it would be really useful to have emails sent to mailing lists and also grep access logs to see who consumes the API before breaking changes are made. Let's continue the discussion here: https://github.com/mozilla-releng/services/issues/366 Plus I've filed some other issues to ease debugging of the mozilla-releng/services apps in the future, since the current setup was a bit confusing and lengthened the time taken to debug: https://github.com/mozilla-releng/services/issues/367 https://github.com/mozilla-releng/services/issues/368 https://github.com/mozilla-releng/services/issues/369 ...and also a ticket against Heroku for them to actually display in the UI when an app is using the non-standard container registry/runtime method: https://help.heroku.com/tickets/483981
Summary: Treestatus CORS header doesn't allow Treeherder → Treestatus CORS header is no longer a wildcard, blocking Treeherder
Comment 4•7 years ago
|
||
And resolved :-) $ curl -sSfIL https://treestatus.mozilla-releng.net/trees/mozilla-central | grep Access Access-Control-Allow-Origin: *
Updated•2 years ago
|
Component: Applications: TreeStatus → General
You need to log in
before you can comment on or make changes to this bug.
Description
•