Created 03-09-2017 08:11 AM
I posted this somewhere else earlier and I think it will help answer your question:
Workaround to revert to pre-CDH 5.10 behavior:
[desktop] allowed_hosts=*
NOTE: The goal in changing the default to something more restrictive was to improve security. Now that we are aware of the security measure, if desired, restriction can be added via a comma-separated list of hosts and IPs like this:
[desktop] allowed_hosts=.cloudera.com,0.0.0.0,172.31.114.79
See the following on how to configure if you choose that route:
https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts
To round out the above explanation, before CDH 5.10, "allowed_hosts=*" was the default. We tried changing the default to help promote security as outlined in the above Django page.
Since our change to allowed_hosts to help enhance security had unanticipated negative experiences for existing users, we are reverting the CDH default to "allowed_hosts=*". We'll opt to document it better and also build in validation warnings in Cloudera Manager to strongly recommend not leaving "allowed_hosts=*" unless that is the desired configuration.
The security risk is described in the django documentation (see the link above).
Ben
Created 03-17-2017 11:59 AM
So to clarify my assumptions and (mis)understandings:
The allowed_hosts setting is not checking the HTTP client's DNS domain. It is the Hue webserver framework (ie Django) checking the HTTP Host: header that the client sends.
In my case of AWS VPC with default public subnet configuration, my web browser thinks I am talking to ec2-54-50-32-4.compute-1.amazonaws.com and sends that as the Host: header. The Hue server sees that, expecting something more like ip-10-1-2-3.ec2.internal, and replies with the "Bad Request (400)" to the client.
Created on 02-15-2017 09:50 PM - edited 02-15-2017 09:59 PM
Hey Ben,
Many many thanks!! We had the same error [400] with CM 5.9 with embedded PostGRESql db.
I confirm that this has resolved our issue.
A gist of out setup:
Platform: AWS, 4 x t2.medium, 50GiB EBS
OS: CentOS 6 with updates HVM
Thanks again!!
Created 02-05-2017 09:56 PM
Got the same problem on Ubuntu 14.04. CDH 5.10.
5.9 works fine.
So this problem should be easily reproduced.
Created 02-06-2017 09:09 AM
Hello,
I am receiving the same error message on one of our installationas as well.
Running version:
5.10.0-1.cdh5.10.0.p0.41 |
Created 03-11-2017 03:49 PM
same problem here
i am getting " server not found " when i open hue web UI, and i tried to access with the external ip address:8888, i am getting "Bad Request(400) ".
i have been trying to debug the error but no use
have you solved your error ? if yes can you share the solution that helps alot
Thank you
Created 03-13-2017 09:50 PM
The answer is one post above....