Re: [PR] HDDS-14386. Support bucket CORS configuration [ozone]

Wed, 06 May 2026 21:50:15 -0700 


Copilot commented on code in PR #10138:
URL: https://github.com/apache/ozone/pull/10138#discussion_r3198994930


##########
hadoop-ozone/s3gateway/src/main/java/org/apache/hadoop/ozone/s3/CommonHeadersContainerResponseFilter.java:
##########
@@ -44,5 +55,54 @@ public void filter(ContainerRequestContext 
containerRequestContext,
     containerResponseContext.getHeaders()
         .add("x-amz-request-id", requestIdentifier.getRequestId());
 
+    addCorsHeaders(containerRequestContext, containerResponseContext);
+  }
+
+  private void addCorsHeaders(ContainerRequestContext requestContext,
+      ContainerResponseContext responseContext) {
+    String origin = requestContext.getHeaderString(S3Consts.ORIGIN_HEADER);
+    if (StringUtils.isBlank(origin)
+        || "OPTIONS".equalsIgnoreCase(requestContext.getMethod())) {
+      return;
+    }
+
+    String bucketName = getBucketName(requestContext);
+    if (StringUtils.isBlank(bucketName)) {
+      return;
+    }
+
+    try {
+      OzoneBucket bucket = getCachedBucket(requestContext, bucketName);
+      if (bucket == null) {
+        return;
+      }

Review Comment:
   CORS headers are only applied when the bucket is present in the 
request-scoped cache (CACHED_BUCKETS_CONTEXT_PROPERTY). For common object 
GET/HEAD flows, the endpoint often fetches key metadata via RPC without ever 
loading the bucket, so the cache remains empty and this filter returns early, 
resulting in missing Access-Control-Allow-Origin on the actual response 
(browser will block even if preflight passed). Consider falling back to loading 
the bucket (eg via ObjectStore#getS3Bucket) when not cached, or ensuring bucket 
loading/caching happens whenever an Origin header is present.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to