Summary: | ASTERISK-26355: ari: Swagger basePath url always set to http protocol | ||||
Reporter: | Dan Jenkins (danjenkins) | Labels: | |||
Date Opened: | 2016-09-10 16:20:40 | Date Closed: | |||
Priority: | Major | Regression? | |||
Status: | Open/New | Components: | Resources/res_ari | ||
Versions: | 12.8.2 13.11.2 14.0.0-beta2 | Frequency of Occurrence | Constant | ||
Related Issues: |
| ||||
Environment: | Attachments: | ||||
Description: | When asterisk http.conf is setup for TLS and HTTPS is available. The URL given in basePath of all of the ARI documents is set to http.
In http.conf I had set http to bind to 127.0.0.1 and https to bind to 0.0.0.0 so that you could only connect to Asterisk HTTP using https. However, the http protocol is hard coded in res/res_ari.c We'd want to know which protocol was being used to access a document and use that protocol when rendering out the json documents because you may have http enabled and https enabled for different reasons under different domains etc. Thinking about this some more, we would also want to look for the X-Forwarded-Proto header in case someone is terminating HTTPS at a HTTP Reverse-Proxy such as nginx | ||||
Comments: | By: Asterisk Team (asteriskteam) 2016-09-10 16:20:40.595-0500 Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process]. |