Page MenuHomePhabricator

CX doesn't load when testing backports on mwdebug servers
Closed, ResolvedPublic

Description

While backporting the fixes for T328143 today, I was unable to test the changes on mwdebug servers. This made the process riskier than it should have been, since the change has to be deployed for all users before it could have been verified in production.

I was using the Chrome extension to test the backport on mwdebug servers: https://chrome.google.com/webstore/detail/wikimediadebug/binmakecefompkjggiklgjenddjoifbb

And I got the following error message in the console:

Access to XMLHttpRequest at 'https://cxserver.wikimedia.org/v2/page/fr/pl/Coquille_Saint-Jacques' from origin 'https://pl.wikipedia.org' has been blocked by CORS policy: Request header field x-wikimedia-debug is not allowed by Access-Control-Allow-Headers in preflight response.

image.png (2×3 px, 165 KB)

Similar bug in another product: T252826: Whitelist x-wikimedia-debug header field (currently not allowed by Access-Control-Allow-Headers in preflight response)

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

We have two options here:

  1. The cxserver can include this in the list of allowed CORS headers. By itself that would be a one-line change that unbreaks the debug session with no other observable impact (no-op).

The logic could later on be expanded, if desired, into an actual debug mode. E.g. to also increase Logstash verbosity, or do something else useful. This is the approach we usually take, e.g. ORES, Thumbor, WMCS, api-gateway, Graphite/Grafana, etc all allow the header, and in some cases also change behaviour (e.g. in case of Thumbor it exposes extra details through various response headers that we normally strip for performance reasons).

  1. The cxserver server could be hardcoded in WikimediaDebug to not receive the header.

We don't have any exemptions today, but we could create one.

Change 889059 had a related patch set uploaded (by KartikMistry; author: KartikMistry):

[mediawiki/services/cxserver@master] Allow x-wikimedia-debug in request header

https://gerrit.wikimedia.org/r/889059

Change 889059 merged by jenkins-bot:

[mediawiki/services/cxserver@master] Allow x-wikimedia-debug in request header

https://gerrit.wikimedia.org/r/889059

Change 889483 had a related patch set uploaded (by KartikMistry; author: KartikMistry):

[operations/deployment-charts@master] Update cxserver to 2023-02-15-085109-production

https://gerrit.wikimedia.org/r/889483

Change 889483 merged by jenkins-bot:

[operations/deployment-charts@master] Update cxserver to 2023-02-15-085109-production

https://gerrit.wikimedia.org/r/889483