From: Aashish Sharma <aasharma@li-e74156cc-2f67-11b2-a85c-e98659a63c5c.ibm.com>
Date: Thu, 14 Mar 2024 08:55:08 +0000 (+0530)
Subject: Allow DELETE method api request, X-TOTAL-COUNT header in CORS config in dashboard
X-Git-Tag: v20.0.0~2374^2
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=3061eb367001fd13f75980fac1084639ab7c0abb;p=ceph.git

Allow DELETE method api request, X-TOTAL-COUNT header in CORS config in dashboard

Fixes: https://tracker.ceph.com/issues/64913

Signed-off-by: Aashish Sharma <aasharma@redhat.com>
---

diff --git a/src/pybind/mgr/dashboard/tools.py b/src/pybind/mgr/dashboard/tools.py
index 5619b5bb90d57..51ed9c471aac6 100644
--- a/src/pybind/mgr/dashboard/tools.py
+++ b/src/pybind/mgr/dashboard/tools.py
@@ -873,7 +873,7 @@ def cors_tool():
     cross_origin_url_list = [url.strip() for url in cross_origin_urls.split(',')]
     if req_header_cross_origin_url in cross_origin_url_list:
         resp_head['Access-Control-Allow-Origin'] = req_header_cross_origin_url
-    resp_head['Access-Control-Expose-Headers'] = 'GET, POST'
+    resp_head['Access-Control-Expose-Headers'] = 'GET, POST, X-Total-Count'
     resp_head['Access-Control-Allow-Credentials'] = 'true'
 
     # Non-simple CORS preflight request; short-circuit the normal handler.
@@ -883,7 +883,7 @@ def cors_tool():
             resp_head['Access-Control-Allow-Origin'] = req_header_origin_url
         ac_method = req_head.get('Access-Control-Request-Method', None)
 
-        allowed_methods = ['GET', 'POST', 'PUT']
+        allowed_methods = ['GET', 'POST', 'PUT', 'DELETE']
         allowed_headers = [
             'Content-Type',
             'Authorization',