Fix #7043: RGW CORS fixes for Access-Control-Request-Headers - rgw - Ceph

Actions

Copy link

Fix #7043

closed

RGW CORS fixes for Access-Control-Request-Headers

Added by Robin Johnson over 10 years ago. Updated over 10 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Target version:

% Done:

Source:

Community (user)

Tags:

cors, rgw

Backport:

dumpling, emperor

Reviewed:

Affected Versions:

ceph-qa-suite:

Pull request ID:

Crash signature (v1):

Crash signature (v2):

Description

I was trying to use the RGW CORS support, and found that it flubbed handling of the Access-Control-Request-Headers header badly.

It was expecting Access-Control-Allow-Headers in the request where it should have taken the Access-Control-Request-Headers, and it was also validating the content in a case-sensitive manner, when the CORS standard (6.2.6) requires that headers are validated case-insensitive.

I have submitted a pull request with the fixes: https://github.com/ceph/ceph/pull/975

Should be backported to other versions if CORS is expected to work there.

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Ceph » rgw

Custom queries

Fix #7043

RGW CORS fixes for Access-Control-Request-Headers

Updated by Yehuda Sadeh over 10 years ago

Updated by Yehuda Sadeh over 10 years ago