← Back to team overview

openstack team mailing list archive

Re: Using Nova APIs from Javascript: possible?

 

On 04/24/2012 10:19 AM, Nick Lothian wrote:
JSONP is great, but won't work with POST requests.

I don't quite understand what "Due to the redirect nature of the auth system" means, though.

Sorry, I am working on a few things that are related. OpenID and various other systems have issues along these lines that are due to the fact that they are done with redirects. UI'll try to be clearer in the future.


That actually works fine because the token is not in the header when it comes from Keystone. However, if you were to post toa web app that then needed to make your browser post to a remote system (which is where the same origin policy comes in to play) you need to set that Auth token into a custom header, and Javascript is forbidden to do that. Yes, the Javascript can say "post to glance" or some other openstack API server, but it can't set the X auth header with the token from Keystone in order to make the call authenticated.




Nick

On Tue, Apr 24, 2012 at 8:57 PM, Sandy Walsh <sandy.walsh@xxxxxxxxxxxxx <mailto:sandy.walsh@xxxxxxxxxxxxx>> wrote:

    Due to the redirect nature of the auth system we may need JSONP
    support
    for this to work.



    _______________________________________________
    Mailing list: https://launchpad.net/~openstack
    <https://launchpad.net/%7Eopenstack>
    Post to     : openstack@xxxxxxxxxxxxxxxxxxx
    <mailto:openstack@xxxxxxxxxxxxxxxxxxx>
    Unsubscribe : https://launchpad.net/~openstack
    <https://launchpad.net/%7Eopenstack>
    More help   : https://help.launchpad.net/ListHelp




_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to     : openstack@xxxxxxxxxxxxxxxxxxx
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp


Follow ups

References