Fixes: #8718
Backport: firefly
CORS preflight requests don't need to be authenticated. Treat them as
coming from anonymous user.
Reported-by: Robert Hubbard <bobby.hubbard@garmin.com>
Signed-off-by: Yehuda Sadeh <yehuda@redhat.com>
return 0;
}
+static void init_anon_user(struct req_state *s)
+{
+ rgw_get_anon_user(s->user);
+ s->perm_mask = RGW_PERM_FULL_CONTROL;
+}
+
/*
* verify that a signed request comes from the keyholder
* by checking the signature against our locally-computed version
return -EPERM;
}
+ if (s->op == OP_OPTIONS) {
+ init_anon_user(s);
+ return 0;
+ }
+
if (!s->http_auth || !(*s->http_auth)) {
auth_id = s->info.args.get("AWSAccessKeyId");
if (auth_id.size()) {
qsr = true;
} else {
/* anonymous access */
- rgw_get_anon_user(s->user);
- s->perm_mask = RGW_PERM_FULL_CONTROL;
+ init_anon_user(s);
return 0;
}
} else {
int RGWHandler_ObjStore_SWIFT::authorize()
{
- if (!s->os_auth_token && s->info.args.get("temp_url_sig").empty()) {
+ if ((!s->os_auth_token && s->info.args.get("temp_url_sig").empty()) ||
+ (s->op == OP_OPTIONS)) {
/* anonymous access */
rgw_get_anon_user(s->user);
s->perm_mask = RGW_PERM_FULL_CONTROL;
projects / ceph.git / commitdiff