-
Notifications
You must be signed in to change notification settings - Fork 139
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
XXL grapher extension not working since Zabbix 3.4.5 #107
Comments
Workaround for this issue: |
Thanks @Volont84 , disabling the http-only flag in /usr/local/src/zabbix/frontends/php/include/func.inc.php did the trick. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
XXL grapher extension not working since Zabbix 3.4.5, most likely due to the fix ZBX-13262 ( fixed cookie http-only attribute to prevent XSS attacks ) which prevents the grapher.js from obtaining the zbx_sessionid cookie value.
Steps to Reproduce
Expected behavior:
The Host field is supposed to show a list of existing hosts
Actual behavior:
The Host field never shows any hostnames, as if autocompletion isn't working.
Reproduces how often:
100% of the time since Zabbix 3.4.5
Versions
monitoringartist/dockbix-xxl:3.4.7
Additional Information
The cookie value should not be sent in the JSON payload. The browser should just automatically include it as part of the header of the JSON RPC request.
Also, the ZabbixApi function does not handle error responses in a user-friendly way. In this particular case the response object contained an error object with, code: -32602, data: "Not authorized.", message: "Invalid params."
The request payload to the api_jsonrpc.php was:
{"jsonrpc":"2.0","method":"hostgroup.get","id":0,"auth":null,"params":{"monitored_hosts":1,"sortfield":"name","selectHosts":["name"],"output":["name"]}}
You Docker knowledge level
Advanced
The text was updated successfully, but these errors were encountered: