Added Keystone and RequestID headers to CORS middleware

CORS middleware's latent configuration feature, new in 3.0.0, allows adding headers that apply to all valid origins. This patch adds headers commonly used in openstack to trove's paste pipeline, so that operators do not have to be aware of additional configuration magic to ensure that browsers can talk to the API. For more information: http://docs.openstack.org/developer/oslo.middleware/cors.html#configuration-for-pastedeploy Change-Id: Idf2cd7a0d0d701002f2c1f178475da39ae1a9caf
2016-01-08 10:42:32 -08:00 · 2016-01-08 10:42:32 -08:00 · 1fe8c0bac1
parent 5153cb8231
commit 1fe8c0bac1
1 changed files with 3 additions and 0 deletions
--- a/etc/trove/api-paste.ini
+++ b/etc/trove/api-paste.ini
@ -22,6 +22,9 @@ paste.filter_factory = trove.common.auth:AuthorizationMiddleware.factory
 [filter:cors]
 paste.filter_factory = oslo_middleware.cors:filter_factory
 oslo_config_project = trove
+latent_allow_headers = X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id, X-OpenStack-Request-ID
+latent_expose_headers = X-Auth-Token, X-Subject-Token, X-Service-Token, X-OpenStack-Request-ID
+latent_allow_methods = GET, PUT, POST, DELETE, PATCH

 [filter:contextwrapper]
 paste.filter_factory = trove.common.wsgi:ContextMiddleware.factory