You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've been having issues where using a clair URL like https://xxx.xxx.xxx.xxx (via IP name) works, but the same via domain name (https://clairserver) does not. The clairctl error I get is "503: requested access to the resource is denied". The 503 is coming from haproxy.
This happens when setting the port to anything (including 443). However, if I set port to 0, it works.
From what I can tell, clairctl is putting the port into the http HOST header (!), which causes it to fail.
// Bad, includes port:
eg. "Host: clairserver:443"
// Good, should not include port:
eg. "Host: clairserver"
The fix is that the http Host header should never contain the port. I see the code where the port is added for the clair URL, but I can't find in the code where the port is added to the host header. I suspect it might be something like this
If "request.URL.Host" is being used as the host header, and if url.Parse() is returning "host:port", then that would cause this issue. The fix would be to make sure that "request.URL.Host" only gets the actual host part.
The text was updated successfully, but these errors were encountered:
I've been having issues where using a clair URL like https://xxx.xxx.xxx.xxx (via IP name) works, but the same via domain name (https://clairserver) does not. The clairctl error I get is "503: requested access to the resource is denied". The 503 is coming from haproxy.
This happens when setting the port to anything (including 443). However, if I set port to 0, it works.
From what I can tell, clairctl is putting the port into the http HOST header (!), which causes it to fail.
The fix is that the http Host header should never contain the port. I see the code where the port is added for the clair URL, but I can't find in the code where the port is added to the host header. I suspect it might be something like this
The docs for url.Parse() say:
(https://golang.org/pkg/net/url/#Parse)
If "request.URL.Host" is being used as the host header, and if url.Parse() is returning "host:port", then that would cause this issue. The fix would be to make sure that "request.URL.Host" only gets the actual host part.
The text was updated successfully, but these errors were encountered: