From 72dc64790cb59856568dd69d65d5584a65ea4ea0 Mon Sep 17 00:00:00 2001 From: Alexander Zagaynov Date: Wed, 30 Aug 2017 11:21:22 +0200 Subject: escape corsAllowedOrigins regexp strings and anchor them --- roles/openshift_master/templates/master.yaml.v1.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/openshift_master/templates') diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index c14579435..abd2f9a59 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -59,7 +59,7 @@ controllerConfig: controllers: '*' corsAllowedOrigins: {% for origin in ['127.0.0.1', 'localhost', openshift.common.ip, openshift.common.public_ip] | union(openshift.common.all_hostnames) | unique %} - - {{ origin }} + - (?i)\A{{ origin | regex_escape() }}\z {% endfor %} {% for custom_origin in openshift.master.custom_cors_origins | default("") %} - {{ custom_origin }} -- cgit v1.2.3