From ef53630d674da33523ce2c85c4048f43211066f8 Mon Sep 17 00:00:00 2001
From: Erik Wilson <erik.wilson@rackspace.com>
Date: Thu, 22 Jan 2015 15:33:59 -0600
Subject: [PATCH] Adds assigning CORS header to requests info to End User Guide

With the moving of the Object Storage API content from a
long-form dev guide to a specification, some topics needed
To be added to the End User Guide.

Change-Id: I4015f4a4f342f4c5eb3a085c74c483229b4ee988
Partial-bug: 1392382
---
 doc/user-guide/ch_sdk.xml                     |  1 +
 .../section_object-api-cors-headers.xml       | 61 +++++++++++++++++++
 2 files changed, 62 insertions(+)
 create mode 100644 doc/user-guide/section_object-api-cors-headers.xml

diff --git a/doc/user-guide/ch_sdk.xml b/doc/user-guide/ch_sdk.xml
index aa6dd7d8a3..f2821ab7c3 100644
--- a/doc/user-guide/ch_sdk.xml
+++ b/doc/user-guide/ch_sdk.xml
@@ -29,6 +29,7 @@
   <xi:include href="section_sdk_install.xml"/>
   <xi:include href="section_sdk_authenticate.xml"/>
   <xi:include href="section_sdk_manage_images.xml"/>
+  <xi:include href="section_object-api-cors-headers.xml"/>
   <xi:include href="section_sdk_configure_instances.xml"/>
   <xi:include href="section_sdk_neutron.xml"/>
   <xi:include href="section_sdk_nova.xml"/>
diff --git a/doc/user-guide/section_object-api-cors-headers.xml b/doc/user-guide/section_object-api-cors-headers.xml
new file mode 100644
index 0000000000..b1433f34fc
--- /dev/null
+++ b/doc/user-guide/section_object-api-cors-headers.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<section xmlns="http://docbook.org/ns/docbook"
+    xmlns:xi="http://www.w3.org/2001/XInclude"
+    xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
+    xml:id="cors-headers">
+    <title>Assign CORS headers to requests</title>
+    <para><glossterm baseform="cross-origin resource sharing (cors)"
+            >Cross-Origin Resource Sharing (CORS)</glossterm> is a
+        specification that defines how browsers and servers
+        communicate across origins by using HTTP headers, such as
+        those assigned by Object Storage API requests. The Object
+        Storage API supports the following headers:</para>
+    <itemizedlist>
+        <listitem>
+            <para>Access-Control-Allow-Credentials</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Allow-Methods</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Allow-Origin</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Expose-Headers</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Max-Age</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Request-Headers</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Request-Method</para>
+        </listitem>
+        <listitem>
+            <para>Origin</para>
+        </listitem>
+    </itemizedlist>
+    <para>You can only assign these headers to objects. For more
+        information, see <link
+            xlink:href="http://www.w3.org/TR/access-control/"
+            >www.w3.org/TR/access-control/</link>.</para>
+    <example>
+        <title>Assign CORS header request: HTTP</title>
+        <para>This example assigns the file origin to the
+                <literal>Origin</literal> header, which ensures that
+            the file originated from a reputable source:</para>
+        <screen><prompt>$</prompt> curl -i -X POST -H "Origin: example.com" -H "X-Auth-Token:
+48e17715dfce47bb90dc2a336f63493a"
+https://storage.example.com/v1/MossoCloudFS_c31366f1-9f1c-40dc-a
+b92-6b3f0b5a8c45/ephotos
+HTTP/1.1 204 No Content
+Content-Length: 0
+Content-Type: text/html; charset=UTF-8
+Access-Control-Allow-Origin: example.com
+Access-Control-Expose-Headers: cache-control, content-language,
+content-type, expires, last-modified, pragma, etag, x-timestamp, x-trans-id
+X-Trans-Id: tx979bfe26be6649c489ada-0054cba1d9ord1
+Date: Fri, 30 Jan 2015 15:23:05 GMT</screen>
+    </example>
+</section>