openstack/openstack-manuals
Code Issues Proposed changes
a4b7225874
openstack-manuals/doc/user-guide/section_object-api-cors-headers.xml
Erik Wilson ef53630d67 Adds assigning CORS header to requests info to End User Guide 
With the moving of the Object Storage API content from a
long-form dev guide to a specification, some topics needed
To be added to the End User Guide.

Change-Id: I4015f4a4f342f4c5eb3a085c74c483229b4ee988
Partial-bug: 1392382
2015-02-06 20:53:46 -06:00

62 lines
2.4 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="cors-headers">
<title>Assign CORS headers to requests</title>
<para><glossterm baseform="cross-origin resource sharing (cors)"
>Cross-Origin Resource Sharing (CORS)</glossterm> is a
specification that defines how browsers and servers
communicate across origins by using HTTP headers, such as
those assigned by Object Storage API requests. The Object
Storage API supports the following headers:</para>
<itemizedlist>
<listitem>
<para>Access-Control-Allow-Credentials</para>
</listitem>
<listitem>
<para>Access-Control-Allow-Methods</para>
</listitem>
<listitem>
<para>Access-Control-Allow-Origin</para>
</listitem>
<listitem>
<para>Access-Control-Expose-Headers</para>
</listitem>
<listitem>
<para>Access-Control-Max-Age</para>
</listitem>
<listitem>
<para>Access-Control-Request-Headers</para>
</listitem>
<listitem>
<para>Access-Control-Request-Method</para>
</listitem>
<listitem>
<para>Origin</para>
</listitem>
</itemizedlist>
<para>You can only assign these headers to objects. For more
information, see <link
xlink:href="http://www.w3.org/TR/access-control/"
>www.w3.org/TR/access-control/</link>.</para>
<example>
<title>Assign CORS header request: HTTP</title>
<para>This example assigns the file origin to the
<literal>Origin</literal> header, which ensures that
the file originated from a reputable source:</para>
<screen><prompt>$</prompt> curl -i -X POST -H "Origin: example.com" -H "X-Auth-Token:
48e17715dfce47bb90dc2a336f63493a"
https://storage.example.com/v1/MossoCloudFS_c31366f1-9f1c-40dc-a
b92-6b3f0b5a8c45/ephotos
HTTP/1.1 204 No Content
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: example.com
Access-Control-Expose-Headers: cache-control, content-language,
content-type, expires, last-modified, pragma, etag, x-timestamp, x-trans-id
X-Trans-Id: tx979bfe26be6649c489ada-0054cba1d9ord1
Date: Fri, 30 Jan 2015 15:23:05 GMT</screen>
</example>
</section>
View Git Blame Copy Permalink