review.fuel-infra Code Review - openstack-build/cinder-build.git/commit

author	Michael Krotscheck <krotscheck@gmail.com>
	Mon, 19 Oct 2015 13:43:40 +0000 (06:43 -0700)
committer	Michael Krotscheck <krotscheck@gmail.com>
	Fri, 30 Oct 2015 22:45:07 +0000 (15:45 -0700)
commit	ea49e4faa72b926b70708e783286de7a690526a0
tree	66df1f634db2035e9434435a00d114b1c9215def	tree \| snapshot
parent	aa6265b1080a0b397ba6664a4f8a2856981301ad	commit \| diff

Adds CORS support to Cinder

This patch adds the CORS support middleware to Cinder, allowing a
deployer to optionally configure rules under which a javascript client
may break the single-origin policy and access the API directly.

For cinder, the paste.ini method of deploying the middleware was
chosen, because it needs to be able to annotate responses created
by keystonemiddleware. If the middleware was explicitly included,
keystone would reject the request before the cross-domain headers
could be annotated, resulting in an error response that is
unreadable by the user agent.

Note that tests were explicitly not included. Cinder does not
possess a functional test suite, and thus constructing any
fake application with the CORS Middleware would not correctly
test the paste.ini initialization code path.

OpenStack CrossProject Spec:
   http://specs.openstack.org/openstack/openstack-specs/specs/cors-support.html
Oslo_Middleware Docs:
   http://docs.openstack.org/developer/oslo.middleware/cors.html
OpenStack Cloud Admin Guide:
   http://docs.openstack.org/admin-guide-cloud/cross_project_cors.html
DocImpact

Change-Id: Ifac1f2c56365089a36091dc2e38d4641c135ea34