-
Notifications
You must be signed in to change notification settings - Fork 113
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"Blocked host" error after upgrading to 5.0.41 #2628
Comments
I noticed that v5.x.x adds |
I managed to solve this issue by explicitly setting
it defaults to
|
I ran into something similar. I intentionally upgraded to 5.0.41, and updated my cookbook to add |
I eventually got this working, but later noticed that the AWS ELB healthchecks were all getting a 403. Before this change, the ELB health checks would get a 200, just doing a get on |
We have analyzed this issue and taken it up on priority. We are building a provision for allowing/disallowing host header injection. By allowing this the healthcheck APIs will not be blocked with status code 403. So it would be at customer's discretion to set this flag according to the need. |
#2698 adds support for multiple hostnames so you could use more than one |
@hrak @pdohertybcov @bdwyertech The following PR is to solve this issue: We need to specify the private IP address of the supermarket instance along with the supermarket hostname in the list of |
Chef Supermarket Version
5.0.41
Platform Details
Ubuntu 18.04.6 LTS
Configuration
private supermarket using supermarket-omnibus-cookbook
Scenario
Last night our supermarket was automatically upgraded to 5.0.41 by supermarket-omnibus-cookbook and now it throws the following error:
It worked fine before the upgrade (version 4.2.89)
We are using the stable channel, i don't expect major upgrades to happen in a channel called stable.
Our config:
Steps to Reproduce
Upgrade a 4.2.89 installation using supermarket-omnibus-cookbook to 5.0.41
Expected Result
A working supermarket
Actual Result
red and black page with error mentioned above.
The text was updated successfully, but these errors were encountered: