Add ability to configure cross-origin requests

The patch introduces a variable `glance_cors_allowed_origin` which
allows a user to configure a specific origin that can do cross
domain requests.

Change-Id: I45f30d2ea7070e62d5d14ad87c872e98af1d7890
This commit is contained in:
Mohammed Naser 2018-06-29 12:54:49 -04:00 committed by Jesse Pretorius (odyssey4me)
parent 0d4ea81077
commit 788273c6b5
3 changed files with 14 additions and 0 deletions

View File

@ -172,6 +172,8 @@ glance_keystone_auth_plugin: password
## Glance config
glance_image_cache_max_size: 10737418240
# CORS options
glance_cors_allowed_origin: "{{ (glance_show_multiple_locations | bool) | ternary(external_lb_vip_address, None) }}"
# If ``glance_api_workers`` is unset the system will use half the number of available VCPUS to
# compute the number of api workers to use.
# glance_api_workers: 16

View File

@ -0,0 +1,5 @@
---
features:
- It is possible to configure Glance to allow cross origin requests by
specifying the allowed origin address using the ``glance_cors_allowed_origin``
variable. By default, this will be the load balancer address.

View File

@ -118,3 +118,10 @@ enabled = {{ glance_profiler_enabled }}
[oslo_middleware]
enable_proxy_headers_parsing = True
{% endif %}
{% if glance_cors_allowed_origin is not none %}
[cors]
allow_headers = origin,content-md5,x-image-meta-checksum,x-storage-token,accept-encoding,x-auth-token,x-identity-status,x-roles,x-service-catalog,x-user-id,x-tenant-id,x-openstack-request-id
allow_methods = GET,POST,PUT,PATCH,DELETE
allowed_origin = {{ glance_cors_allowed_origin }}
{% endif %}