Merge "Adds assigning CORS header to requests info to End User Guide"

2015-02-08 04:27:09 +00:00 · 2015-02-08 04:27:09 +00:00 · b8a6026403
commit b8a6026403
parent 350aac9eca ef53630d67
2 changed files with 62 additions and 0 deletions
--- a/doc/user-guide/ch_sdk.xml
+++ b/doc/user-guide/ch_sdk.xml
@ -29,6 +29,7 @@
  <xi:include href="section_sdk_install.xml"/>
  <xi:include href="section_sdk_authenticate.xml"/>
  <xi:include href="section_sdk_manage_images.xml"/>
+  <xi:include href="section_object-api-cors-headers.xml"/>
  <xi:include href="section_sdk_configure_instances.xml"/>
  <xi:include href="section_sdk_neutron.xml"/>
  <xi:include href="section_sdk_nova.xml"/>
--- a/doc/user-guide/section_object-api-cors-headers.xml
+++ b/doc/user-guide/section_object-api-cors-headers.xml
@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<section xmlns="http://docbook.org/ns/docbook"
+    xmlns:xi="http://www.w3.org/2001/XInclude"
+    xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
+    xml:id="cors-headers">
+    <title>Assign CORS headers to requests</title>
+    <para><glossterm baseform="cross-origin resource sharing (cors)"
+            >Cross-Origin Resource Sharing (CORS)</glossterm> is a
+        specification that defines how browsers and servers
+        communicate across origins by using HTTP headers, such as
+        those assigned by Object Storage API requests. The Object
+        Storage API supports the following headers:</para>
+    <itemizedlist>
+        <listitem>
+            <para>Access-Control-Allow-Credentials</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Allow-Methods</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Allow-Origin</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Expose-Headers</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Max-Age</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Request-Headers</para>
+        </listitem>
+        <listitem>
+            <para>Access-Control-Request-Method</para>
+        </listitem>
+        <listitem>
+            <para>Origin</para>
+        </listitem>
+    </itemizedlist>
+    <para>You can only assign these headers to objects. For more
+        information, see <link
+            xlink:href="http://www.w3.org/TR/access-control/"
+            >www.w3.org/TR/access-control/</link>.</para>
+    <example>
+        <title>Assign CORS header request: HTTP</title>
+        <para>This example assigns the file origin to the
+                <literal>Origin</literal> header, which ensures that
+            the file originated from a reputable source:</para>
+        <screen><prompt>$</prompt> curl -i -X POST -H "Origin: example.com" -H "X-Auth-Token:
+48e17715dfce47bb90dc2a336f63493a"
+https://storage.example.com/v1/MossoCloudFS_c31366f1-9f1c-40dc-a
+b92-6b3f0b5a8c45/ephotos
+HTTP/1.1 204 No Content
+Content-Length: 0
+Content-Type: text/html; charset=UTF-8
+Access-Control-Allow-Origin: example.com
+Access-Control-Expose-Headers: cache-control, content-language,
+content-type, expires, last-modified, pragma, etag, x-timestamp, x-trans-id
+X-Trans-Id: tx979bfe26be6649c489ada-0054cba1d9ord1
+Date: Fri, 30 Jan 2015 15:23:05 GMT</screen>
+    </example>
+</section>