diff options
author | Michael Krotscheck <krotscheck@gmail.com> | 2015-10-19 05:26:06 -0700 |
---|---|---|
committer | Michael Krotscheck <krotscheck@gmail.com> | 2015-11-16 18:07:15 -0800 |
commit | c4957606cb290a639a4a02fbf648044242c5c207 (patch) | |
tree | a91af2fa2305786234bd4876ad24e611b5bf0ea4 /doc | |
parent | 4e7bb27895f6876ada3a8b19272422af29e75d22 (diff) | |
download | oslo-middleware-c4957606cb290a639a4a02fbf648044242c5c207.tar.gz |
Switched StrOpt to ListOpt in CORS allowed_origins
This patch switches the 'allowed_origin' CORS configuration option
from a single string to an array of strings. This will let you
configure multiple domains simultaneously with the same options,
without having to add additional configuration blocks.
By doing this, pastedeploy users will no longer have to configure
mulitple filters if they wish to grant access to more than one
domain.
Change-Id: Ie2e57b76717604f701daa16ebf8ffa8c06835e3c
Diffstat (limited to 'doc')
-rw-r--r-- | doc/source/cors.rst | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/doc/source/cors.rst b/doc/source/cors.rst index 368b248..99e5dc0 100644 --- a/doc/source/cors.rst +++ b/doc/source/cors.rst @@ -49,18 +49,19 @@ In your application's config file, then include a default configuration block something like this:: [cors] - allowed_origin=https://website.example.com:443 + allowed_origin=https://website.example.com:443,https://website2.example.com:443 max_age=3600 allow_methods=GET,POST,PUT,DELETE allow_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Custom-Header expose_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Custom-Header -This middleware permits you to define multiple `allowed_origin`'s. To express -this in your configuration file, first begin with a `[cors]` group as above, -into which you place your default configuration values. Then add as many -additional configuration groups as necessary, naming them `[cors.something]` -(each name must be unique). The purpose of the suffix to `cors.` is -legibility, we recommend using a reasonable human-readable string:: +This middleware permits you to override the rules for multiple +`allowed_origin`'s. To express this in your configuration file, first begin +with a `[cors]` group as above, into which you place your default +configuration values. Then add as many additional configuration groups as +necessary, naming them `[cors.something]` (each name must be unique). The +purpose of the suffix to `cors.` is legibility, we recommend using a +reasonable human-readable string:: [cors.ironic_webclient] # CORS Configuration for a hypothetical ironic webclient, which overrides @@ -94,11 +95,11 @@ Configuration for pastedeploy ----------------------------- If your application is using pastedeploy, the following configuration block -will add CORS support. To add multiple domains, simply add another filter.:: +will add CORS support.:: [filter:cors] paste.filter_factory = oslo_middleware.cors:filter_factory - allowed_origin=https://website.example.com:443 + allowed_origin=https://website.example.com:443,https://website2.example.com:443 max_age=3600 allow_methods=GET,POST,PUT,DELETE allow_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Custom-Header |