[
https://issues.apache.org/jira/browse/HDDS-14386?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ivan Andika updated HDDS-14386:
-------------------------------
Description:
Ozone does not support per-bucket CORS configuration (it depends on the reverse
proxy), but it is good to document the CORS configuration.
Nginx CORS configuration can look like this
{code:java}
if ($http_origin ~ '^http[s]*://(.*)') {
set $cors 'cors';
add_header 'Access-Control-Allow-Origin' $http_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'PUT, GET, POST, HEAD, DELETE,
PATCH, OPTIONS' always;
add_header 'Access-Control-Allow-Headers'
$http_access_control_request_headers always;
add_header 'Access-Control-Expose-Headers' 'ETag' always;
}
if ($request_method = 'OPTIONS') {
set $cors '${cors}_options';
}
if ($cors = 'cors_options') {
add_header 'Access-Control-Allow-Origin' $http_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'PUT, GET, POST, HEAD, DELETE,
PATCH, OPTIONS' always;
add_header 'Access-Control-Allow-Headers'
$http_access_control_request_headers always;
add_header 'Access-Control-Expose-Headers' 'ETag' always;
return 204;
} {code}
For HAProxy configuration we can check
[https://github.com/haproxytech/haproxy-lua-cors]
was:
Ozone bucket does not support per-bucket CORS configuration, but it is good to
document the CORS configuration.
Nginx CORS configuration can look like this
{code:java}
if ($http_origin ~ '^http[s]*://(.*)') {
set $cors 'cors';
add_header 'Access-Control-Allow-Origin' $http_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'PUT, GET, POST, HEAD, DELETE,
PATCH, OPTIONS' always;
add_header 'Access-Control-Allow-Headers'
$http_access_control_request_headers always;
add_header 'Access-Control-Expose-Headers' 'ETag' always;
}
if ($request_method = 'OPTIONS') {
set $cors '${cors}_options';
}
if ($cors = 'cors_options') {
add_header 'Access-Control-Allow-Origin' $http_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'PUT, GET, POST, HEAD, DELETE,
PATCH, OPTIONS' always;
add_header 'Access-Control-Allow-Headers'
$http_access_control_request_headers always;
add_header 'Access-Control-Expose-Headers' 'ETag' always;
return 204;
} {code}
For HAProxy configuration we can check
[https://github.com/haproxytech/haproxy-lua-cors]
> Document the recommended CORS configuration
> -------------------------------------------
>
> Key: HDDS-14386
> URL: https://issues.apache.org/jira/browse/HDDS-14386
> Project: Apache Ozone
> Issue Type: Improvement
> Reporter: Ivan Andika
> Assignee: Ivan Andika
> Priority: Major
>
> Ozone does not support per-bucket CORS configuration (it depends on the
> reverse proxy), but it is good to document the CORS configuration.
> Nginx CORS configuration can look like this
> {code:java}
> if ($http_origin ~ '^http[s]*://(.*)') {
> set $cors 'cors';
> add_header 'Access-Control-Allow-Origin' $http_origin always;
> add_header 'Access-Control-Allow-Credentials' 'true' always;
> add_header 'Access-Control-Allow-Methods' 'PUT, GET, POST, HEAD, DELETE,
> PATCH, OPTIONS' always;
> add_header 'Access-Control-Allow-Headers'
> $http_access_control_request_headers always;
> add_header 'Access-Control-Expose-Headers' 'ETag' always;
> }
> if ($request_method = 'OPTIONS') {
> set $cors '${cors}_options';
> }
> if ($cors = 'cors_options') {
> add_header 'Access-Control-Allow-Origin' $http_origin always;
> add_header 'Access-Control-Allow-Credentials' 'true' always;
> add_header 'Access-Control-Allow-Methods' 'PUT, GET, POST, HEAD, DELETE,
> PATCH, OPTIONS' always;
> add_header 'Access-Control-Allow-Headers'
> $http_access_control_request_headers always;
> add_header 'Access-Control-Expose-Headers' 'ETag' always;
> return 204;
> } {code}
> For HAProxy configuration we can check
> [https://github.com/haproxytech/haproxy-lua-cors]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
