Continuous Delivery Director

  • Private Community
 View Only

Firefox and IE11 cannot load CDD on-premise but Chrome works

By Colin Kurrant posted Dec 10, 2018 04:15 AM

  

This post describes an issue where Firefox and IE11 cannot load CDD on-premise, but Chrome can.

Symptom

You attempt to log in to CDD on-premise in Firefox or IE11 using a URL in the format https://<host>:<port>/cdd/login.jsp, where:

<host> - Specifies the server where you installed the product.

<port> - Specifies the port number you use to access the product UI, which is 8080 by default.

Example: 'http://cdd-docker-engine-3:8080/cdd/login.jsp'

However, an error message appears, such as:

FireFox

FireFox CDD login error

Internet Explorer 11

IE11 CDD login error

You check the log and see an error such as:

2018-12-04 11:38:54.215 [http-nio-8080-exec-11] ERROR c.c.r.w.f.OriginVerificationFilter - Failed request based on its origin. You may clear the JSESSIONID cookie request header or logout from the related CDD session

com.ca.rp.exceptions.rest.ValidationException: Accessing '/cdd/login.jsp' is forbidden from 'http://cdd-docker-engine-3:8080/cdd/login.jsp', verified by referer header

Diagnosis

In settings.properties, the "cdd.url.virtual_ip" value is "localhost". Chrome sends the POST request header with the entered host and port appearing in both the Origin and Referrer fields, causing the server to accept the request. However, both Firefox and IE11 send the POST request header with the entered host and port appearing in the Referrer field only, causing the server to deny the request.

Solution

In settings.properties, update the "cdd.url.virtual_ip" value from "localhost" to the host name of the server where you installed the product.

Example: cdd.url.virtual_ip=cdd-docker-engine-3

Additional Information

NOTE:

We recommend that you access CDD using the exact same server address that was used for executing the CDD Installer. CDD verifies that any incoming client request is coming from a page that was downloaded from CDD itself (that is, the same HTTP schema, same server name and same server port).

For example, if you used https://test.domain.com:443 to execute the CDD Installer, you should also use https:///test.domain.com:443 for executing the CDD service (and not https:///test:443).

0 comments
4 views

Permalink