diff options
author | Tim Burke <tim.burke@gmail.com> | 2020-02-27 16:25:44 -0800 |
---|---|---|
committer | Tim Burke <tim.burke@gmail.com> | 2021-03-15 13:52:05 -0700 |
commit | 27a734c78aabdbf04977a01039004e471feae30c (patch) | |
tree | 8e1e595317dc41502078a1beeab27ec121c67936 /doc/saio/swift | |
parent | 81db9806901a83f4d0016446cdc48e700ab6e788 (diff) | |
download | swift-27a734c78aabdbf04977a01039004e471feae30c.tar.gz |
s3api: Allow CORS preflight requests
Unfortunately, we can't identify the user, so we can't map to an
account, so we can't respect whatever CORS metadata might be set on the
container.
As a result, the allowed origins must be configured cluster-wide. Add a
new config option, cors_preflight_allow_origin, for that; default it
to blank (ie, deny preflights from all origins, preserving existing
behavior), but allow either a comma-separated list of origins or
* (to allow all origins).
Change-Id: I985143bf03125a05792e79bc5e5f83722d6431b3
Co-Authored-By: Matthew Oliver <matt@oliver.net.au>
Diffstat (limited to 'doc/saio/swift')
-rw-r--r-- | doc/saio/swift/proxy-server.conf | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/doc/saio/swift/proxy-server.conf b/doc/saio/swift/proxy-server.conf index 57a054087..124b36c62 100644 --- a/doc/saio/swift/proxy-server.conf +++ b/doc/saio/swift/proxy-server.conf @@ -92,6 +92,7 @@ use = egg:swift#symlink use = egg:swift#s3api s3_acl = yes check_bucket_owner = yes +cors_preflight_allow_origin = * # Example to create root secret: `openssl rand -base64 32` [filter:keymaster] |