s3api: Allow CORS preflight requests

Unfortunately, we can't identify the user, so we can't map to an account, so we can't respect whatever CORS metadata might be set on the container. As a result, the allowed origins must be configured cluster-wide. Add a new config option, cors_preflight_allow_origin, for that; default it to blank (ie, deny preflights from all origins, preserving existing behavior), but allow either a comma-separated list of origins or * (to allow all origins). Change-Id: I985143bf03125a05792e79bc5e5f83722d6431b3 Co-Authored-By: Matthew Oliver <matt@oliver.net.au>
author: Tim Burke <tim.burke@gmail.com> 2020-02-27 16:25:44 -0800
committer: Tim Burke <tim.burke@gmail.com> 2021-03-15 13:52:05 -0700
commit: 27a734c78aabdbf04977a01039004e471feae30c (patch)
tree: 8e1e595317dc41502078a1beeab27ec121c67936 /doc/saio/swift
parent: 81db9806901a83f4d0016446cdc48e700ab6e788 (diff)
download: swift-27a734c78aabdbf04977a01039004e471feae30c.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/doc/saio/swift/proxy-server.conf b/doc/saio/swift/proxy-server.conf
index 57a054087..124b36c62 100644
--- a/doc/saio/swift/proxy-server.conf
+++ b/doc/saio/swift/proxy-server.conf
@@ -92,6 +92,7 @@ use = egg:swift#symlink
 use = egg:swift#s3api
 s3_acl = yes
 check_bucket_owner = yes
+cors_preflight_allow_origin = *
 
 # Example to create root secret: `openssl rand -base64 32`
 [filter:keymaster]
author	Tim Burke <tim.burke@gmail.com>	2020-02-27 16:25:44 -0800
committer	Tim Burke <tim.burke@gmail.com>	2021-03-15 13:52:05 -0700
commit	27a734c78aabdbf04977a01039004e471feae30c (patch)
tree	8e1e595317dc41502078a1beeab27ec121c67936 /doc/saio/swift
parent	81db9806901a83f4d0016446cdc48e700ab6e788 (diff)
download	swift-27a734c78aabdbf04977a01039004e471feae30c.tar.gz