diff options
author | Tim Burke <tim.burke@gmail.com> | 2020-02-27 16:25:44 -0800 |
---|---|---|
committer | Tim Burke <tim.burke@gmail.com> | 2021-03-15 13:52:05 -0700 |
commit | 27a734c78aabdbf04977a01039004e471feae30c (patch) | |
tree | 8e1e595317dc41502078a1beeab27ec121c67936 /docker | |
parent | 81db9806901a83f4d0016446cdc48e700ab6e788 (diff) | |
download | swift-27a734c78aabdbf04977a01039004e471feae30c.tar.gz |
s3api: Allow CORS preflight requests
Unfortunately, we can't identify the user, so we can't map to an
account, so we can't respect whatever CORS metadata might be set on the
container.
As a result, the allowed origins must be configured cluster-wide. Add a
new config option, cors_preflight_allow_origin, for that; default it
to blank (ie, deny preflights from all origins, preserving existing
behavior), but allow either a comma-separated list of origins or
* (to allow all origins).
Change-Id: I985143bf03125a05792e79bc5e5f83722d6431b3
Co-Authored-By: Matthew Oliver <matt@oliver.net.au>
Diffstat (limited to 'docker')
-rw-r--r-- | docker/rootfs/etc/swift/proxy-server.conf | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/docker/rootfs/etc/swift/proxy-server.conf b/docker/rootfs/etc/swift/proxy-server.conf index a964f1520..8189cb7f2 100644 --- a/docker/rootfs/etc/swift/proxy-server.conf +++ b/docker/rootfs/etc/swift/proxy-server.conf @@ -82,6 +82,7 @@ use = egg:swift#symlink # To enable, add the s3api middleware to the pipeline before tempauth [filter:s3api] use = egg:swift#s3api +cors_preflight_allow_origin = * # Example to create root secret: `openssl rand -base64 32` [filter:keymaster] |