lp://staging/~frankban/charms/trusty/juju-gui/fix-legacy-server

Created by Francesco Banconi and last modified
Get this branch:
bzr branch lp://staging/~frankban/charms/trusty/juju-gui/fix-legacy-server
Only Francesco Banconi can upload to this branch. If you are Francesco Banconi please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Francesco Banconi
Status:
Development

Recent revisions

191. By Francesco Banconi

Fix haproxy rule.

190. By Madison Scott-Clary

Merged back the new charm release.

189. By Madison Scott-Clary

Updated to the newest juju-gui release.

188. By Madison Scott-Clary

Merged changes from the released charm

187. By Uros Jovanovic

enables ftests on local env

Create local environment (with "local" also being the name of that environment) and ftests can be now be run local as well.

R=rharding, jay.wren
CC=
https://codereview.appspot.com/113720043

186. By Jay R. Wren

update HACKING.md

note that ppa stable is required
  New devs might assume that ppa:juju/devel subsumes ppa:juju/stable.
  Note that it does not.

add Proposing Branches section to document use of lbox

R=rharding
CC=
https://codereview.appspot.com/107690044

185. By Jeff Pihach

Updated to the newest juju-gui release.

184. By Francesco Banconi

Merged back the new charm release.

183. By Francesco Banconi

Use trusty as default target series.

Switched to lp:~juju-gui/charms/trusty/juju-gui/trunk
(I'll send an email after this branch is landed).

Change "make deploy" to install the trusty charm by default.

Also run "apt-get update" at the beginning of the install hook.

Tests: `make unittest`.

R=rharding
CC=
https://codereview.appspot.com/90220043

182. By Francesco Banconi

Avoid clickjacking.

Update the builtin and legacy servers to send
the proper X-Frame-Options header so that
iframing is denied from extraneous origins.

The legacy server has been update to ensure
clickjacking is not possible on jujucharms.com.

Tests: `make unittest`.

QA:
- juju bootstrap an environment;
- run `make deploy`;
- wait for the GUI to be ready/started;
- open the GUI with the browser and log in;
- prepare an HTML page like the following, replacing
  <GUI UNIT HOSTNAME> with the address of the GUI in
  your environment:

<!DOCTYPE html>
<html>
<head>
    <title>test clickjacking</title>
</head>
<body>
<iframe src="https://<GUI UNIT HOSTNAME>"
  height="800" width="1000"></iframe>
</body>
</html>

- open the test page above with the browser,
  the iframe should be empty;
- switch to the legacy server:
  `juju set juju-gui builtin-server=false`;
- wait a minute for the config-changed hook
  to complete;
- open the test page above with the browser,
  the iframe should be empty;
- destroy the environment.

R=jeff.pihach
CC=
https://codereview.appspot.com/88090048

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://staging/charms/juju-gui
This branch contains Public information 
Everyone can see this information.