openstack/swift
Code Issues Proposed changes

support x-open-expired header for expired objects

Browse Source 
If the global configuration option 'enable_open_expired' is set
to true in the config, then the client will be able to make a
request with the header 'x-open-expired' set to true in order
to access an object that has expired, provided it is in its
grace period. If this config flag is set to false, the client
will not be able to access any expired objects, even with the
header, which is the default behavior unless the flag is set.

When a client sets a 'x-open-expired' header to a true value for a
GET/HEAD/POST request the proxy will forward x-backend-open-expired to
storage server. The storage server will allow clients that set
x-backend-open-expired to open and read an object that has not yet
been reaped by the object-expirer, even after the x-delete-at time
has passed.

The header is always ignored when used with temporary URLs.

Co-Authored-By: Anish Kachinthaya <akachinthaya@nvidia.com>
Related-Change: I106103438c4162a561486ac73a09436e998ae1f0
Change-Id: Ibe7dde0e3bf587d77e14808b169c02f8fb3dddb3
This commit is contained in:
indianwhocodes
2023-02-21 13:26:06 -08:00
committed by Alistair Coles
parent 5961ba0ca7
commit 11eb17d3b2
15 changed files with 1038 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
etc/proxy-server.conf-sample
View File

@@ -339,6 +339,14 @@ use = egg:swift#proxy
# the environment (default). For more information, see
# https://bugs.launchpad.net/liberasurecode/+bug/1886088
# write_legacy_ec_crc =
#
# Setting 'allow_open_expired' to 'true' allows the 'x-open-expired' header
# to be used with HEAD, GET, or POST requests to access expired objects that
# have not yet been deleted from disk. This can be useful in conjunction with
# the object-expirer 'delay_reaping' feature.
# This flag is set to false by default, so it must be changed to access
# expired objects.
# allow_open_expired = false
# Some proxy-server configuration options may be overridden on a per-policy
# basis by including per-policy config section(s). The value of any option
@@ -921,7 +929,7 @@ use = egg:swift#tempurl
# list of header names and names can optionally end with '*' to indicate a
# prefix match. incoming_allow_headers is a list of exceptions to these
# removals.
# incoming_remove_headers = x-timestamp
# incoming_remove_headers = x-timestamp x-open-expired
#
# The headers allowed as exceptions to incoming_remove_headers. Simply a
# whitespace delimited list of header names and names can optionally end with