| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |\ \ \ \ \
| |/ / / / |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
With the introduction of set_defaults, as well as new documentation
features for default values in oslo_config, the CORS middleware
has been placed in the odd position where its configuration behaves
inconsistently. If you configure via add_origin, then defaults set
in set_defaults are not honored. If you configure via multiple
configuration blocks ([cors.foo]), then the defaults are also not
honored.
Additionally, with the conversion of allowed_origin into a list_opt,
there is less direct need for multiple config-block parsing.
In order to ensure that the middleware behaves consistently with
the rest of oslo, as well as adheres to a set of basic sane assumptions
made by consumers, this patch deprecates the code path that searches
oslo's configuration for multiple [cors.*] blocks. Subsequent patches
will add additional deprecation flags to this end.
Change-Id: I49c15ccc2dce03b0dea33ec45ef6e271e58582da
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: Ide7df253a6e36a146ad567fc8ef10dac05a85a7c
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: Ic7bc8936c2fc9e1ae59a8cfde3eb50a521485d0e
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: I69f586a1c9180684dc9626eddd745f32dae94a1b
|
| |\ \ \ \ \ |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Allow sample config generators to retrieve the options for the
http-proxy-to-wsgi middleware.
Change-Id: I862c9238b791098c9bb9ce4558db5b21dad14a30
Closes-Bug: #1590218
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Change-Id: Idb80c2ce92626dae901b49f2e92f2dd5f27a1b26
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
I think the whole help could be worded better but at least fix the
spelling issue.
Change-Id: I4f93b4f07dbb08efedec44b9b46cc7daef22f73c
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: I450fc87dbd6ad80875110512c100d28095a15194
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: Ia3307d02ecf4d58cd6972945767e426f31200d59
|
| | |_|/ /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
WebOb includes a default content_type, and that's incorrect for status
code such as 304. This fixes that by generalizing the previous fix we
introduced for the CORS middleware.
Change-Id: I57c47ee5627b17a4e266b9ac4bc038dfccb35012
|
| | | | |
| | | |
| | | |
| | | | |
Change-Id: I6d9179f8e3d9fdda72889c2531b2d1793438552c
|
| |\ \ \ \ |
|
| | |/ / /
| | | |
| | | |
| | | | |
Change-Id: Ie4b5f5ce4d1ed20d1006ec3c7afa8e6999f6edcf
|
| |\ \ \ \
| |/ / /
|/| | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Seems like not many people know what the detailed output
of this thing does, so in order to make it easier to see
that add a simple __main__ entrypoint.
Change-Id: Ife3b49c29df7d3558efebb4584971cf69bc8359d
|
| | |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
These headers were removed from the defaults in
https://review.openstack.org/#/c/293566/ - as they are already
automatically managed in accordance to the CORS specification. This
patch removes them from the example code.
Change-Id: Ic2728d65c31dcd2f6a887ce8b112f544fd5730f3
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch adds the PATCH method (rfc5789) to the default permitted
HTTP Methods in this middleware.
Change-Id: Ia5ead0fe27a0e5e6a0eaec532bd267276b003794
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch adds a set_defaults method to the CORS middleware. It
allows overriding the configuration defaults, both for runtime
execution and for config generation.
Change-Id: Iffc20a09c455fa73239d8fe41491daa309858da9
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch updates the default allow_methods config setting
to all headers defined in RFC 2616 Section 9. We were
cherry-picking headers here with no justification, and in order
to be backwards compatible, this patch opts to be inclusive
of all valid methods. Specific methods can still be overridden.
https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html
Change-Id: I3e87e3bdb643706bcd4def1780d84ac8d45addb9
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch removes all 'simple' headers from the default
configuration options, as these are already automatically
handled by the middleware (see line 80).
The list of simple headers is explicitly defined in the W3C
specification, here: https://www.w3.org/TR/cors/#terminology
Change-Id: I34aaec650aa57db083aedd07a5ebe47f6853aa4e
|
| |/
|
|
|
|
|
| |
For more information about this automatic import see:
https://wiki.openstack.org/wiki/Translations/Infrastructure
Change-Id: I07c83c237051f30d1b1c8c5f5c244de344322087
|
| |
|
|
| |
Change-Id: I2efcf5a5a88256a6a291f2c5300738467c96faf4
|
| |
|
|
|
|
| |
The dependency on oslo.i18n already forces this requirement.
Change-Id: Ifc708a432a8c89aa2a98f0d33c189cad4e25e931
|
| |
|
|
| |
Change-Id: I0cedeaf396b1cd0ebcc3b6f3dbbb1d0a67094a0d
|
| |
|
|
| |
Change-Id: If77cfc44d507a80d6e59fa6fbcce105f3c3b7001
|
| |
|
|
| |
Change-Id: I7277d49f58275739dac5f0db0bc448806683bb98
|
| |
|
|
| |
Change-Id: Id1a49843e35b23c4b1cca171a06ec031cd93a021
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Having this middleware as default is very convenient for deployments,
since this enables the application to handle the appropriate headers
correctly in order to deal with SSL, which is nice to have out of the
box. Heat, for instance, has already taken this middleware as default.
However, having this act on the headers by default may not be so
desirable, as the application may not be in front of a proxy, and thus
will have nothing that parses or strips the X-Forwarded-* headers.
Which can lead to security problems.
Thus, this patch proposes the enabling of this functionality through a
configuration option. This will enable more projects to take this
middleware into use by default, and the deployer would only need to
change one configuration file; while leaving the paste configuration
intact.
Change-Id: I50a70d477613025d3e54e4ee773bbb1d6fcf2e68
SecurityImpact
|
| | |
| |
| |
| |
| |
| | |
This related to https://github.com/Pylons/webob/issues/205 upstream.
Change-Id: I18eb78d4206c20efc934fe8709881c2bd6972983
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If an upstream middleware or server returns a 'Vary' header, the
CORS middleware will honor that header and append its own,
rather than overwriting it.
https://tools.ietf.org/html/rfc7231#section-7.1.4
Change-Id: I422cf1723dca7e1ecf0ce863b389f125d4f813bb
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This reverts commit bb8dbeb3a361586886b1bb060a3d98ffbf5f7e31.
Making this work will depend on having a new release of oslo.config with
the fix in the dependent patch.
Depends-On: Ia024722d05ce8adaa57c58559cb42f2913653bb9
Change-Id: I33b37c74abf63bcaa95e668ec74c9c9849cc3773
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
|
| |\ \ \ |
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
As opposed to a global configuration. This should make testing
a bit more consistent, and less likely to have sideffects.
Change-Id: I034ccced9ec0121bf75c737ac19a498b4ebce1a9
|
| |/ /
| |
| |
| |
| |
| |
| | |
Incorporating user feedback from the ironic team. Clearly describing
the data format of the origin will reduce deployment snags.
Change-Id: I07d1edc1017aafa0cba1e23e155f55668379e656
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We bump hacking>=0.10.0, and hacking removed some rules, for
the full list of rules please see [1]. So don't need them any more.
Hacking related commits:
Remove H904 in commit b1fe19ebebe47a36b905d709467f5e82521bbd96
Remove H803 in commit f01ce4fd822546cbd52a0aedc49184bddbfe1b10
Remove H305 in commit 8f1fcbdb9aa4fc61349e5e879153c722195b1233
[1]https://github.com/openstack-dev/hacking/blob/master/setup.cfg#L30
Change-Id: Iac1c3097453c205e17b4894ac28a821b2ccf08b5
|
| | | |
| | |
| | |
| | | |
Change-Id: Ica5b6d2af8b88a4a106b9d4f80467c609ebde3bc
|
| | |/
|/|
| |
| | |
Change-Id: Icc244123f4a2899caeb468fd831e9f821407102c
|
| |/
|
|
|
|
|
|
|
|
|
| |
This patch addresses a documentation build issue caused by the
oslo.config sphinx integration. In order to unblock this repo, we can
work around the issue here while fixing it in oslo.config, then revert
this change.
Change-Id: Ie4a29e8e8d44d00354ea0dd8420bac5b8812a717
Related-Bug: #1549106
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Follow new infra setup for translations, see spec
http://specs.openstack.org/openstack-infra/infra-specs/specs/translation_setup.html
for full details.
This basically renames
oslo.middleware/locale/oslo.middleware.pot to
oslo_middleware/locale/oslo_middleware.pot. For this we need to update
setup.cfg.
Update also domain name in i18n.py.
Change-Id: I5d9c146d6bc9392930c93414c04dda89c16044c1
|
| |
|
|
| |
Change-Id: I34acf045bbd892a2ea1675180eb72c0b03122171
|
| |
|
|
| |
Change-Id: I49e8e31f258f407a1a207345dfd6c7e4a2d7570b
|
| |
|
|
| |
Change-Id: I724acbab23e229923814ca3ae6307e5963682c57
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This is a remaining of the Python 2.6 compat, and this is causing
some issues in distros who have to patch it out. So this patch
removes ordereddict from requirements.txt
Change-Id: I4e8498b71a65e2b235598916ce07349a33086deb
|
| |\ \ |
|
