nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Witt <joe.w...@gmail.com>
Subject Re: Access Nifi 1.5
Date Fri, 16 Feb 2018 13:52:25 GMT
disabling it is probably not what you actually want.

https://www.linkedin.com/pulse/host-header-injection-depth-utkarsh-tiwari


but we can improve it and that is the noted jira.

we can do 1.6.0 voting anytime.  ill discuss that on dev.

thanks
joe

On Feb 16, 2018 8:50 AM, "Dênis Vilela" <denisxvilela@gmail.com> wrote:

> I think it will work only with https.
>
> On 16 Feb 2018, at 11:46, Sean Marciniak <sean@beamery.com> wrote:
>
> What would be amazing is the ability to disable host header checks. Is
> this feature in there?
>
> On Fri, Feb 16, 2018 at 1:08 PM, Dênis Vilela <denisxvilela@gmail.com>
> wrote:
>
>> Hello, Sean!
>>
>> Did you see https://issues.apache.org/jira/browse/NIFI-4761?src=confmacro
>>  and https://github.com/apache/nifi/pull/2427/files? I think they will
>> fix this problem in the next Release.
>>
>> Cheers
>>
>> On 16 Feb 2018, at 11:03, Sean Marciniak <sean@beamery.com> wrote:
>>
>> Hi Mike,
>>
>> I have set the `wifi.web.http.host` to be equals to the vm’s public IP
>> address and it fails to bind according to the stack trace.
>>
>> 2018-02-16 12:59:07,684 WARN [main] org.apache.nifi.web.server.JettyServer
>> Failed to start web server... shutting down.
>> java.net.BindException: Cannot assign requested address
>>         at sun.nio.ch.Net.bind0(Native Method)
>>         at sun.nio.ch.Net.bind(Net.java:433)
>>         at sun.nio.ch.Net.bind(Net.java:425)
>>         at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelI
>> mpl.java:223)
>>         at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.
>> java:74)
>>         at org.eclipse.jetty.server.ServerConnector.open(ServerConnecto
>> r.java:298)
>>         at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(Ab
>> stractNetworkConnector.java:80)
>>         at org.eclipse.jetty.server.ServerConnector.doStart(ServerConne
>> ctor.java:236)
>>         at org.eclipse.jetty.util.component.AbstractLifeCycle.start(
>> AbstractLifeCycle.java:68)
>>         at org.eclipse.jetty.server.Server.doStart(Server.java:431)
>>         at org.eclipse.jetty.util.component.AbstractLifeCycle.start(
>> AbstractLifeCycle.java:68)
>>         at org.apache.nifi.web.server.JettyServer.start(JettyServer.jav
>> a:798)
>>         at org.apache.nifi.NiFi.<init>(NiFi.java:160)
>>         at org.apache.nifi.NiFi.main(NiFi.java:268)
>> 2018-02-16 12:59:07,687 INFO [Thread-1] org.apache.nifi.NiFi Initiating
>> shutdown of Jetty web server...
>> 2018-02-16 12:59:07,692 INFO [Thread-1] o.eclipse.jetty.server.AbstractConnector
>> Stopped ServerConnector@1e9f8705{HTTP/1.1,[http/1.1]}{x.x.x.x:8080}
>> 2018-02-16 12:59:07,692 INFO [Thread-1] org.eclipse.jetty.server.session
>> Stopped scavenging
>>
>> Is there anything else that would need to be set?
>>
>> On 16 February 2018 at 12:46:33 pm, Mike Thomsen (mikerthomsen@gmail.com)
>> wrote:
>>
>> IP address should work.
>>
>> On Fri, Feb 16, 2018 at 7:14 AM, Sean Marciniak <sean@beamery.com> wrote:
>> Does URL need to be a FQDN? Can it not just accept the host IP address?
>>
>>
>> On 16 February 2018 at 12:13:55 pm, Mike Thomsen (mikerthomsen@gmail.com)
>> wrote:
>>
>> 1.5 introduced a new property:  nifi.web.http.host
>>
>> Set that to the URL you want to use for accessing it.
>>
>> On Fri, Feb 16, 2018 at 6:19 AM, Sean Marciniak <sean@beamery.com> wrote:
>> Hey team,
>>
>> I have NiFi running on a standalone VM and I try to directly connect to
>> it over http and I get this message:
>>
>>
>> ```
>> System Error
>>
>> The request contained an invalid host header [x.x.x.x:8080] in the
>> request [/]. Check for request manipulation or third-party intercept.
>>
>> ```
>> I am trying to connect to it using the host machine’s IP address. This
>> error has only occurred oncer we had bumped to version 1.5
>> Has there been a regression or is there an issue in progress to solve
>> this?
>>
>> Thank you,
>>
>> Sean.
>>
>>
>>
>
>
> --
> <https://www.beamery.com/>
>
> Sean Marciniak
>
> sean@beamery.com
>
>
> www.beamery.com
>
> Are you ready for GDPR? *GDPR: The Complete Guide for Recruiting Teams
> <https://beamery.com/academy/gdpr-for-recruiting-teams>*
>
>
>

Mime
View raw message