openstack team mailing list archive

[Adrian Smith <adrian@xxxxxxxx>]

The authentication request returns X-Storage-Url and X-Auth-Token
headers. For the JS client to see them they need to be referenced in
Access-Control-Expose-Headers. As of the last time checked, both these
headers were being stripped from the response before being presented
to JS.

Adrian


On 23 April 2012 10:35, Nick Lothian <nick.lothian@xxxxxxxxx> wrote:
>
> Hi Adrian,
>
> Good to know this is a known issue.
>
> Why does the client need to see custom headers from the server anyway?
> I know the client needs to pass the authorisation header to the server, but
> I haven't seen any of the APIs yet that return custom headers. (It's likely
> I'm missing them though)
>
> Nick
>
> On Apr 23, 2012 5:40 PM, "Adrian Smith" <adrian@xxxxxxxx> wrote:
>>
>> Hi Nick,
>>
>> I did some work with CORS a few months back [1].
>>
>> At the time I couldn't get any browser to work properly with CORS so I
>> just parked the code. The problem was lack of support for the
>> Access-Control-Expose-Headers header.
>>
>> According to the Chrome bug report [2] this issue may well be fixed
>> now so I need to retest.
>>
>> Adrian
>>
>> [1]
>> http://www.mail-archive.com/openstack@xxxxxxxxxxxxxxxxxxx/msg07219.html
>> [2] http://code.google.com/p/chromium/issues/detail?id=87338
>>
>>
>> On 23 April 2012 06:19, Nick Lothian <nick.lothian@xxxxxxxxx> wrote:
>> > Hi,
>> >
>> > I've been playing with the Nova APIs from Javascript, and I've run into
>> > a
>> > problem.
>> >
>> > The very first thing one needs to do to use the APIs is to get a token.
>> >
>> > That requires a POST to the API endpoint. Using curl & trystack that
>> > looks
>> > like this:
>> >
>> > $ curl -k -X 'POST' -v https://nova-api.trystack.org:5443/v2.0/tokens -d
>> > '{"auth":{"passwordCredentials":{"username": "<username>",
>> > "password":"<password>"}}}' -H 'Content-type: application/json'
>> >
>> >
>> > The Javascript equivalent (using JQuery) is:
>> >
>> >     $.ajax({
>> >         url: "https://nova-api.trystack.org:5443/v2.0/tokens";,
>> >         type: 'POST',
>> >         headers: {"Content-Type": "application/json"},
>> >         data:  {"auth":{"passwordCredentials":{"username":"<username>",
>> > "password":"<password>"}}},
>> >         success: function(data) { alert(data); }
>> >     });
>> >
>> > That fails because the call is cross-domain, and Nova doesn't support
>> > CORS
>> > (http://en.wikipedia.org/wiki/Cross-origin_resource_sharing). <script>
>> > based
>> > cross-domain requests only supports GET requests, so that doesn't work
>> > either.
>> >
>> > I have raised a bug: https://bugs.launchpad.net/nova/+bug/987044, but
>> > I'm
>> > really hoping someone can point out something obvious I'm missing here.
>> >
>> > Regards
>> >   Nick Lothian
>> >
>> > _______________________________________________
>> > Mailing list: https://launchpad.net/~openstack
>> > Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>> > Unsubscribe : https://launchpad.net/~openstack
>> > More help   : https://help.launchpad.net/ListHelp
>> >
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>