Change tempauth to check X-Auth-Token in HTTP cookies in addition to headers
Registered by
Philip Peshin
For Javascript/HTML based application it is not possible to send HTTP header for downloading file locally via clicking on a link. TempURL middleware requires exposure of a secret key, which is not desirable for Javascript/HTML application since source code is entirely on the client.
The proposed solution is to change tempauth to recognize "X-Auth-Token" cookie, which could be set by Javascript in the browser. Then it will be possible to download file from Swift by clicking a link.
Here is a patch for tempauth.py:
132c132
< token = env.get(
---
> token = env.get(
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
(?)