From: Robin H. Johnson Date: Sun, 15 Dec 2013 19:27:49 +0000 (-0800) Subject: rgw: Look at correct header about headers for CORS X-Git-Tag: v0.67.6~24 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=fdea76ef6f7d7c4ee89c30d430f5495072023957;p=ceph.git rgw: Look at correct header about headers for CORS The CORS standard dictates that preflight requests are made with the Access-Control-Request-Headers header containing the headers of the author request. The Access-Control-Allow-Headers header is sent in the response. The present code looks for Access-Control-Allow-Headers in request, so fix it to look at Access-Control-Request-Headers instead. Signed-off-by: Robin H. Johnson Reviewed-by: Yehuda Sadeh (cherry picked from commit 2abacd9678ae04cefac457882ba718a454948915) --- diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc index 76eb6202af9a..72ff5214f435 100644 --- a/src/rgw/rgw_op.cc +++ b/src/rgw/rgw_op.cc @@ -520,7 +520,7 @@ bool RGWOp::generate_cors_headers(string& origin, string& method, string& header return false; } - const char *req_hdrs = s->info.env->get("HTTP_ACCESS_CONTROL_ALLOW_HEADERS"); + const char *req_hdrs = s->info.env->get("HTTP_ACCESS_CONTROL_REQUEST_HEADERS"); get_cors_response_headers(rule, req_hdrs, headers, exp_headers, max_age); @@ -2079,7 +2079,7 @@ void RGWOptionsCORS::execute() ret = -ENOENT; return; } - req_hdrs = s->info.env->get("HTTP_ACCESS_CONTROL_ALLOW_HEADERS"); + req_hdrs = s->info.env->get("HTTP_ACCESS_CONTROL_REQUEST_HEADERS"); ret = validate_cors_request(&bucket_cors); if (!rule) { origin = req_meth = NULL;