rgw: Look at correct header about headers for CORS

The CORS standard dictates that preflight requests are made with the
Access-Control-Request-Headers header containing the headers of the
author request. The Access-Control-Allow-Headers header is sent in the
response.

The present code looks for Access-Control-Allow-Headers in request, so
fix it to look at Access-Control-Request-Headers instead.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>

diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index 8cd85015c23bd8d6f6046afcb1a0cbb0ecd4e564..50899ef1d57810205805068ab3884ff353c74e4a 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -566,7 +566,7 @@ bool RGWOp::generate_cors_headers(string& origin, string& method, string& header
     return false;
   }
 
-  const char *req_hdrs = s->info.env->get("HTTP_ACCESS_CONTROL_ALLOW_HEADERS");
+  const char *req_hdrs = s->info.env->get("HTTP_ACCESS_CONTROL_REQUEST_HEADERS");
 
   get_cors_response_headers(rule, req_hdrs, headers, exp_headers, max_age);
 
@@ -2142,7 +2142,7 @@ void RGWOptionsCORS::execute()
     ret = -ENOENT;
     return;
   }
-  req_hdrs = s->info.env->get("HTTP_ACCESS_CONTROL_ALLOW_HEADERS");
+  req_hdrs = s->info.env->get("HTTP_ACCESS_CONTROL_REQUEST_HEADERS");
   ret = validate_cors_request(&bucket_cors);
   if (!rule) {
     origin = req_meth = NULL;