openstack-attic/object-api
Code Issues Proposed changes

Change CORS headers to be assigned to containers

Browse Source 
Copy content from
http://docs.openstack.org/developer/swift/cors.html
to replace misleading content in
http://docs.openstack.org/api/openstack-object-storage/1.0/
content/assigning-cors-headers-to-requests.html

Change ">" to ">" in example

Use $publicURL to represent the endpoint which includes
the API version number and the account/tenantID.

Closes-Bug: #1260840

Change-Id: I9dfe46d610bfcf2f9646cb28a4246954c180252d
This commit is contained in:
Miranda Zhang 2014-02-04 04:38:24 +00:00
parent b38a24a042
commit b98907be31
2 changed files with 34 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openstack-object-storage-dev/samples/object-assign-cors-header-req.txt
View File

@ -1,4 +1,4 @@
PUT /<api version&gt;/<account&gt;/<container&gt;/<object&gt; HTTP/1.1
PUT $publicURL/{container}/{object} HTTP/1.1
Host: storage.clouddrive.com
X-Auth-Token: eaaafd18-0fed-4b3a-81b4-663c99ec1cbb
Origin: http://storage.clouddrive.com

62
openstack-object-storage-dev/section_object-api-storage-object-svc.xml
View File

@ -669,7 +669,7 @@
</section>
</section>
<section xml:id="assigning-cors-headers-to-requests">
<title>Assigning CORS Headers to Requests</title>
<title>Assign CORS headers to requests</title>
<para>CORS is a specification that stands for Cross-Origin
Resource Sharing. It defines how browsers and servers
communicate across origins using HTTP headers, such as
@ -678,35 +678,36 @@
read more about the definition of the Access-Control-
response headers and Origin response header at <link
xlink:href="http://www.w3.org/TR/access-control/"
>www.w3.org/TR/access-control/</link>.<itemizedlist>
<listitem>
<para>Access-Control-Allow-Credentials</para>
</listitem>
<listitem>
<para>Access-Control-Allow-Methods</para>
</listitem>
<listitem>
<para>Access-Control-Allow-Origin</para>
</listitem>
<listitem>
<para>Access-Control-Expose-Headers</para>
</listitem>
<listitem>
<para>Access-Control-Max-Age</para>
</listitem>
<listitem>
<para>Access-Control-Request-Headers</para>
</listitem>
<listitem>
<para>Access-Control-Request-Method</para>
</listitem>
<listitem>
<para>Origin</para>
</listitem>
</itemizedlist></para>
<para>You can assign these headers to objects only.</para>
>www.w3.org/TR/access-control/</link>.
<table rules="all">
<caption>Supported Headers</caption>
<col width="50%"/>
<col width="50%"/>
<thead>
<tr>
<td><emphasis>Metadata</emphasis></td>
<td><emphasis>Use</emphasis></td>
</tr>
</thead>
<tbody>
<tr>
<td>X-Container-Meta-Access-Control-Allow-Origin</td>
<td>Origins to be allowed to make Cross Origin Requests, space separated.</td>
</tr>
<tr>
<td>X-Container-Meta-Access-Control-Max-Age</td>
<td>Max age for the Origin to hold the preflight results.</td>
</tr>
<tr>
<td>X-Container-Meta-Access-Control-Expose-Headers</td>
<td>Headers exposed to the user agent (e.g. browser) in the the actual request response. Space separated.</td>
</tr>
</tbody>
</table>
</para>
<para>CORS metadata is held on the container only. The values given apply to the container itself and all objects within it.</para>
<example>
<title>Assign CORS Header HTTP Request</title>
<title>Assign CORS header request: HTTP</title>
<para>In the example, the origin header is assigned that
indicates where the file came from. This allows you to
provide security that requests to your Object Storage
@ -714,6 +715,9 @@
origination:</para>
<literallayout class="monospaced"><xi:include href="samples/object-assign-cors-header-req.txt" parse="text"/></literallayout>
</example>
<para>You can find more details in the <link
xlink:href="http://docs.openstack.org/developer/swift/cors.html"
>Swift Documentation</link>.</para>
</section>
<section
xml:id="enabling-file-compression-with-content-encoding-header">